
LockBit 5.0 Variant Expands Attacks on Windows, Linux and Virtual Infrastructure
Ransomware

Threat Group – LockBit operators
Threat Type – Ransomware as a Service
Exploited Vulnerabilities – Exposed remote access services, unpatched internet-facing infrastructure, valid credential reuse, weak virtualisation hardening
Malware Used – LockBit 5.0 Windows, Linux and ESXi variants
Threat Score – 7.5 🔴 High – Cross-platform impact with ESXi targeting, rapid encryption, and

BRICKSTORM new Windows variant expands targeting of legal and technology sectors
$BRICKSTORM

Threat Group – China-nexus UNC5221
Threat Type – Espionage backdoor and post-exploitation toolkit
Exploited Vulnerabilities – Ivanti Connect Secure auth-bypass and command injection (CVE-2023-46805, CVE-2024-21887), Ivanti Connect Secure RCE buffer overflow (CVE-2025-22457), weak edge-appliance hardening, exposed management interfaces, valid-credential reuse
Malware Used – BRICKSTORM backdoor with file-manager UI and network tunnelling; associated tooling and

COLDRIVER targets policy and critical infrastructure using BAITSWITCH-SIMPLEFIX chain
COLDRIVER

Threat Group – COLDRIVER
Threat Type – Espionage malware and social engineering
Exploited Vulnerabilities – User execution via ClickFix lure, abuse of rundll32, script execution and registry-based persistence (no CVEs assigned)
Malware Used – BAITSWITCH downloader, SIMPLEFIX PowerShell backdoor, LOSTKEYS VBS payload, SPICA backdoor
Threat Score – 8.2 🔴 High
Last Threat Observation – 25 September

Fileless EggStreme Malware Campaign Attributed to Chinese APT Against Military Organisations
Malware, EggStreme, Fileless Malware, DLL Sideloading, Espionage, APT

Threat Group – China-based APT actors
Threat Type – Fileless malware and espionage backdoor
Exploited Vulnerabilities – DLL sideloading, fileless memory injection (no CVEs assigned)
Malware Used – EggStremeFuel, EggStremeLoader, EggStremeReflectiveLoader, EggStremeAgent, EggStremeKeylogger, EggStremeWizard
Threat Score – 8.0 🔴 High
Last Threat Observation – 11 September 2025
Overview
A newly discovered espionage framework named EggStreme has

MostereRAT Expands Post-Exploitation with Remote Access Software
MostereRAT, Remote Access Trojan, AnyDesk, TightVNC, Phishing

Threat Group – Unknown
Threat Type – Remote Access Trojan with remote administration tool deployment
Exploited Vulnerabilities – Phishing vectors, TightVNC privilege escalation CVE-2023-27830
Malware Used – MostereRAT
Threat Score – 7.8 🔴 High
Last Threat Observation – 9 September 2025
Overview
A phishing campaign uncovered by Fortinet on 9 September 2025 is distributing MostereRAT, a

Unknown Actors Launch High Severity NPM Supply Chain Malware Attack
SupplyChain, Malware, OpenSource, NPM, Phishing

Threat Group – Unknown criminal actors via phishing campaign
Threat Type – Supply-Chain Attack / Malware Injection
Exploited Vulnerabilities – Phishing via typosquatted domain, credential theft, token misuse
Malware Used – Crypto-wallet address swap, WebSocket-based backdoor, Scavenger infostealer
Threat Score – 7.5 🔴 High – Advanced targeted attack on trusted dev ecosystem; widespread impact and high stealth

Plex users urged to reset passwords after database compromise
Breach, Article, news, Plex

Threat Group – Unknown threat actor
Threat Type – Data Breach / Account Compromise
Exploited Vulnerabilities – Unauthorised access to Plex authentication database
Malware Used – None confirmed
Threat Score – 🔴 7.5 High – Large-scale exposure of account credentials with password reuse risks
Last Threat Observation – 8 September 2025
Overview
On 8 September 2025, Plex confirmed