Threat Overview: A newly published threat report by AlienVault on October 1, 2025, sheds light on a significant cyber threat posed by the financially motivated group known as UNC6040. This analysis focuses on their sophisticated voice
New Syscall Hooking Method Targets Linux Kernel
Threat Overview: A recently published threat report by AlienVault, titled FlipSwitch: a Novel Syscall Hooking Technique, sheds light on an advanced and stealthy method used to compromise Linux systems. This report, released on September 30, 2025,
Phishing Campaign Using Browser In The Middle Techniques
Threat Overview: The AlienVault threat report published on September 26, 2025, highlights a sophisticated phishing campaign leveraging Browser-in-the-Middle (BitM) pages. This campaign employs advanced tactics to intercept and manipulate browser traffic, potentially enabling attackers to harvest
DLL Hijacking Exploited by New PlugX Variant
Threat Overview: A recent threat report published by AlienVault on September 25, 2025, reveals a new campaign targeting telecommunications and manufacturing sectors in Central and South Asian countries. This campaign delivers a novel variant of the
NodeJS Backdoors Distributing Proxyware and Monetization Schemes
Threat Overview: A newly published threat report by AlienVault on September 24, 2025, highlights a sophisticated campaign involving NodeJS backdoors. These backdoors are used to distribute proxyware and various monetization schemes. The attackers leverage Inno setup
Iranian Group Nimbus Manticore Expands Malware Campaigns in Europe
Threat Overview: The Iranian threat actor Nimbus Manticore has expanded its operations to target defense, telecommunications, and aviation sectors across Western Europe. This report provides a detailed analysis of the group's tactics, techniques, and procedures (TTPs),
Self-Replicating Worm Targets npm Ecosystem
Threat Overview. Published: September 17, 2025. Executive Summary: A widespread software supply chain attack targeting the Node Package Manager (npm) ecosystem has been discovered. This attack involves a novel self-replicating worm named "Shai-Hulud," which has compromised
Warlock Group Contributes To Expanding Ransomware Threats
Threat Overview: The cybersecurity landscape continues to evolve with new and sophisticated threats emerging regularly. A recent threat report published by AlienVault on September 17, 2025, highlights the activities of a significant ransomware group known as
Hive0154 Group Deploys Advanced Toneshell Backdoor and SnakeDisk USB Worm
In a recent development, the Hive0154 group, also known as Mustang Panda, has been observed deploying an updated version of the Toneshell backdoor along with a novel SnakeDisk USB worm. This sophisticated malware campaign highlights the
Yurei Ransomware Group Emerges as New Threat
Threat Overview: A new ransomware group called Yurei has emerged on the cybercrime scene, leveraging open-source code to execute its malicious activities. This group appears to be relatively unsophisticated but still poses a significant threat to