Threat Overview A recent threat report published by AlienVault on September 12, 2025, has revealed a significant surge in phishing attacks targeting major U.S. energy companies. The campaign, which primarily focused on Chevron, ConocoPhillips, PBF Energy,
Critical SAP Vulnerability Exploiting Remote Code Execution
Threat Overview CVE-2025-31324: Critical SAP Vulnerability & How to Protect Your Enterprise We noticed a new threat report published by AlienVault on September 10, 2025. The report details a critical remote code execution vulnerability (CVE-2025-31324) affecting
Gentlemen Ransomware Tactics Techniques and Procedures Exposed
Threat Overview The Gentlemen ransomware group has recently emerged as a highly sophisticated threat actor, targeting various industries across 17 countries with a particular focus on the Asia-Pacific region. This detailed report sheds light on their
Salesloft Trust Portal Threat Analysis
Threat Overview CyberHunter_NL has recently published a comprehensive threat report titled "Salesloft Trust Portal." This report provides critical insights into emerging cyber threats and offers recommendations for mitigating potential risks. The report was published on September
Google Salesforce Breach Unveiled
Threat Overview The Google Salesforce breach orchestrated by UNC6040, also known as ShinyHunters, has exposed critical vulnerabilities in modern SaaS environments. This incident highlights how threat actors can exploit cloud-native platforms to compromise sensitive data and
Dire Wolf Ransomware Combining Data Encryption and Extortion
Threat Overview We have identified a new threat report published by CyberHunter_NL on September 3, 2025. The report details the activities of the DireWolf ransomware group, which has been targeting businesses across Asia and Australia since
Stealthy TinyLoader Malware Exploits Windows Network Shares
Threat Overview A stealthy new malware loader dubbed TinyLoader has begun proliferating across Windows environments, exploiting network shares and deceptive shortcut files to compromise systems worldwide. First detected in late August 2025, TinyLoader installs multiple secondary
Dissecting RapperBot Botnet Infrastructure and DDoS Attacks
Introduction The RapperBot botnet has been a significant threat in the cybersecurity landscape since at least 2021. This botnet is designed to conduct large-scale Distributed Denial of Service (DDoS) attacks, targeting various organizations and services worldwide.
Advanced Keylogger Threat Named TinkyWinkey Identified
Threat Overview The TinkyWinkey keylogger represents a sophisticated threat to Windows-based systems, leveraging advanced techniques for stealth and data capture. This malware uses persistent service execution, low-level keyboard hooks, and comprehensive system profiling to gather sensitive
Lazarus Group Utilizes ClickFix for Advanced Phishing Attacks
Threat Overview A new threat report published by AlienVault on September 1, 2025, reveals a sophisticated phishing campaign orchestrated by the Lazarus APT group. This report, titled "Traps Beneath Fault Repair: Analysis of Recent Attacks Using ClickFix