Overview The latest threat intelligence release from Sand‑Storm, dated 2025‑11‑19, focuses on a sophisticated attack chain that leverages the newly disclosed Windows Server Update Services (WSUS) remote code execution vulnerability identified as CVE‑2025‑59287. The report, titled
Blog
UNC1549 Threat Analysis Tactics Tools Malware Aerospace Defense
UNC1549 Threat Report Executive Summary UNC1549, an Iranian‑linked threat group, has intensified operations against aerospace, aviation, and defense organizations since mid‑2024. The group deploys a sophisticated mix of phishing, supply‑chain exploitation, and custom malware to infiltrate
Outlook Macros Threat Analysis
Threat Overview In a recent publication dated November 15, 2025, security researchers at AlienVault released a detailed report on a sophisticated malware family known as NotDoor. The threat actor behind NotDoor leverages Microsoft Outlook macros as
Yurei Ransomware Encryption Analysis Go Builder Insights
AlienVault released a detailed threat report on November 14, 2025 that examines the encryption architecture of the Yurei ransomware family. The analysis focuses on the Go-based builder that
Contagious Interview Actors Use JSON Storage for Malware Delivery
Threat Overview The latest threat report from NVISO Labs reveals a significant evolution in the Contagious Interview malware campaign. The attackers, known as the Contagious Interview Actors, have shifted their delivery vector to leverage JSON storage
Fantasy Hub Russian RAT Malware Service
In a recent publication dated 2025‑11‑10, the threat intelligence community was alerted to a new Android Remote Access Trojan (RAT) known as Fantasy Hub. The malware is being offered as
Booking.com Phishing Attack Targets Hotels and Guests
Introduction The hospitality sector has long been a lucrative target for cybercriminals due to the wealth of personal and financial data it holds. On 2025-11-07, AlienVault released a detailed threat report titled "Booking.com Phishing Campaign Targeting
Malicious Infrastructure Gains Stability Through aurologic GmbH
Threat Overview The latest analysis from AlienVault, published on 2025-11-06, highlights a critical shift in the cyber threat landscape: the German hosting provider aurologic GmbH has evolved into a central hub for high-risk hosting networks. This
Hidden Hyper-V Virtual Machines Enable Evasion Persistence
On November 5, 2025, AlienVault released a new threat report titled Evasion and Persistence via Hidden Hyper‑V Virtual Machines that sheds light on the sophisticated tactics employed by the Curly COMrades threat actor. The investigation reveals
Remote Access Real Cargo Cybercriminals Target Trucking Logistics
Threat Overview In the rapidly evolving landscape of cybercrime, a new and sophisticated threat vector has emerged that specifically targets the trucking and logistics sector. According to a recent AlienVault threat report published on 2025‑11‑03, cybercriminals