Threat Overview The TinkyWinkey keylogger represents a sophisticated threat to Windows-based systems, leveraging advanced techniques for stealth and data capture. This malware uses persistent service execution, low-level keyboard hooks, and comprehensive system profiling to gather sensitive
Lazarus Group Utilizes ClickFix for Advanced Phishing Attacks
Threat Overview A new threat report published by AlienVault on September 1, 2025, reveals a sophisticated phishing campaign orchestrated by the Lazarus APT group. This report, titled "Traps Beneath Fault Repair: Analysis of Recent Attacks Using ClickFix
Major August Cyber Attacks: Tycoon2FA Phishing, ClickFix Campaign, and Salty2FA
Threat Report Major August 2025 Cyber Attacks A detailed report on the significant cyber attacks in August 2025, including Tycoon2FA phishing, ClickFix campaign, and Salty2FA. Threat Overview In August 2025, several significant cyber threats emerged, posing
WinRAR Directory Traversal & NTFS ADS Vulnerabilities
Threat Report WinRAR Directory Traversal & NTFS ADS Vulnerabilities (CVE-2025-6218 & CVE-2025-8088) Two high-severity vulnerabilities in WinRAR for Windows enable attackers to write files outside intended extraction directories. Threat Overview Two critical vulnerabilities have been identified
Cereal Offender: Analyzing CORNFLAKE.V3 Backdoor
Threat Report A Cereal Offender: Analyzing the CORNFLAKE.V3 Backdoor A detailed analysis of a campaign involving two threat groups deploying the CORNFLAKE.V3 backdoor. Threat Overview The recent threat report published by AlienVault on August 21, 2025,
Behind the Curtain: How Lumma Affiliates Operate
Threat Report LUMMA AFFILIATES Cybercriminals operating within a vast information-stealing ecosystem Threat Overview The threat report published by AlienVault on 2025-08-20T18:39:43.148Z titled 'Behind the Curtain: How Lumma Affiliates Operate' provides an in-depth analysis of the complex
Legitimate Chrome VPN Extension Turns to Browser Spyware
Threat Report LEGITIMATE CHROME VPN EXTENSION TURNS TO BROWSER SPYWARE A popular Chrome VPN extension with over 100,000 installs has transformed into spyware. Threat Overview A recently published threat report by AlienVault on August 19, 2025,
Microsoft 365 Direct Send Abuse Phishing Risks & Security Recommendations
Threat Report MICROSOFT 365 DIRECT SEND ABUSE Threat actors are exploiting Microsoft 365's Direct Send feature to deliver phishing emails, bypassing perimeter security solutions. Threat Overview The threat report published by AlienVault on August 18, 2025,
SAP Ariba Quote Isn't What It Seems It's Ransomware
Threat Report LeeMe Ransomware Campaign A sophisticated ransomware campaign masquerading as a new SAP Ariba tool. Threat Overview A recently published threat report by AlienVault on August 15, 2025, has uncovered a sophisticated ransomware campaign that
PhantomCard New NFC-driven Android malware emerging in Brazil
Threat Report PHANTOM CARD A new Android Trojan targeting banking customers in Brazil with potential for global expansion. Threat Overview PhantomCard is a newly identified Android Trojan that specifically targets banking customers in Brazil. This malware