Delivering simplified cybersecurity alerts and information, ensuring you're always prepared to take immediate action.

Malicious SVG Attachments Bypass Email Filters in Widespread Phishing Campaigns
Malware

Threat Group: Multiple cybercriminal organizations
Threat Type: Phishing, Malware Delivery
Exploited Vulnerabilities: Misuse of Scalable Vector Graphics (SVG) file capabilities
Malware Used: Agent Tesla Keylogger, XWorm Remote Access Trojan (RAT), QakBot
Threat Score: 🔴 High (8.4/10) – Due to its ability to bypass traditional security measures, widespread distribution, and potential
PJobRAT Returns: New Campaign Distributes Malware via Counterfeit IM Apps
Malware

Threat Group: Unattributed (Historically linked to SideCopy)
Threat Type: Remote Access Trojan (Android RAT)
Exploited Vulnerabilities: Social Engineering, Compromised WordPress Sites
Malware Used: PJobRAT (latest variant with shell command execution)
Threat Score: 🔴 High (8.3/10) – Due to persistence, enhanced capabilities, and deception-based delivery
Last Threat Observation: October 2024 (per
Raspberry Robin Malware: USB Worm Turned Initial Access Powerhouse
Malware

Threat Group: Storm-0856 (Roshtyak)
Threat Type: Initial Access Broker (IAB), Malware Loader, USB Worm
Exploited Vulnerabilities: CVE-2023-36802, CVE-2023-29360
Malware Used: Raspberry Robin (aka Roshtyak, QNAP worm)
Threat Score: 🔴 High (8.4/10) – Ongoing use by ransomware groups and Russian state-backed actors, with evolving delivery techniques and C2 infrastructure.
Last Threat
XCSSET Malware Threatens macOS Developer Community
Malware

Threat Group: Unattributed
Threat Type: Malware, Supply Chain Attack
Exploited Vulnerabilities: Transparency Consent and Control (TCC) Zero-day Vulnerabilities
Malware Used: XCSSET
Threat Score: 🔴 High (8.4/10) – Advanced obfuscation, persistent infection mechanisms, and supply-chain attack potential
Last Threat Observation: March 11, 2025 (Microsoft Security Blog)

Overview
XCSSET is a sophisticated,
Malware Distribution Through Trusted Microsoft Graph API Channels
Malware

Threat Group: Various Advanced Persistent Threats (APTs)
Threat Type: Malware Distribution, Data Exfiltration, Command-and-Control (C2)
Exploited Vulnerabilities: Microsoft Graph API Abuse
Malware Used: Havoc, FINALDRAFT, BirdyClient, Bluelight, Graphite, Graphican, SiestaGraph
Threat Score: High (8.7/10) – Exploitation of trusted Microsoft services, advanced obfuscation, widespread potential data breaches.
Last Threat Observation:
MedusaLocker Variant ETHAN Deploys Stronger Encryption and Data Theft
Ransomware

Threat Group: MedusaLocker
Threat Type: Ransomware
Exploited Vulnerabilities: No specific vulnerabilities identified; relies on common malware distribution methods
Malware Used: ETHAN Ransomware (variant of MedusaLocker)
Threat Score: High (9.0/10) – Due to its double-extortion tactics, data encryption capabilities, and impact on critical business operations.
Last Threat Observation: March 02,
Auto-Color Linux Malware Deploys Newly Detected Zero-Day
Malware

Threat Group: BlackCrescent
Threat Type: Linux Malware
Exploited Vulnerabilities: CVE-2025-1023, CVE-2024-3375, Possible Zero-Day
Malware Used: Auto-Color
Threat Score: High (8.6/10)
Last Threat Observation: February 27, 2025

Overview
Auto-Color is a Linux malware strain first identified in early November 2024. Rapidly gaining traction due to its advanced persistence, obfuscation