Emerging Threats

Sha1-Hulud: The Second Coming of The New npm GitHub Worm

2025-12-03 at 16:04, by Karl Sigler

Sha1-Hulud is back with a new evolution of its supply-chain attack that targets development environments via Node Package Manager (npm). npm is a very popular package manager for Node.js that provides millions of predeveloped packages of code to be […]


Handala’s Latest Publication Targets Israeli High-Tech Specialists

2025-11-26 at 20:39, by Arthur Erzberger

The Handala hacker group has recently published a list of Israeli high-tech and aerospace professionals, accompanied by aggressive, misleading descriptions labeling them as criminals. Most of the data appears to have been scraped from LinkedIn, with no evidence of wrongdoing by the


SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp

2025-11-19 at 19:03, by Nathaniel Morales, John Basmayor, and Nikita Kazymirskyi

Trustwave SpiderLabs researchers have recently identified a banking Trojan we dubbed Eternidade Stealer, which is distributed through WhatsApp hijacking and social engineering lures. In this blog post, we will break down the techniques used in the


Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287

2025-11-14 at 15:10, by Fernando Martinez

LevelBlue Labs is tracking a severe vulnerability in Windows Server Update Services (WSUS), CVE-2025-59287, that allows attackers to remotely execute code without authentication and is being exploited by threat actors to compromise vulnerable Windows Server users. This


The Cat’s Out of the Bag: A ‘Meow Attack’ Data Corruption Campaign Simulation via MAD-CAT

2025-11-07 at 19:39, by Karl Biron

In 2024, I published Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack), which explored the notorious Meow attack campaign that had plagued unsecured databases since 2020. That article focused


Dissecting and Understanding APT Threat Group Activity

2025-11-06 at 16:45, by Trustwave SpiderLabs CTI

APT Groups Prioritize Espionage and Data Theft: Approximately two-thirds of all Trustwave SpiderLabs-tracked APT group activity is motivated by espionage, targeting government, defense, and telecom sectors primarily in the US, Ukraine, and Russia.

Top Attacker Nations: China (41%), Iran (12.5%), and


SpiderLabs Ransomware Tracker Update October 2025: Qlin Doubles Down on Attacks

2025-11-04 at 17:18

The worldwide ransomware landscape saw a dramatic shift in attacks in October 2025, jumping 41% month over month, with the most prolific attacker, Qlin, more than doubling the number of attacks it launched, according to Trustwave, A LevelBlue Company, research.


Protecting the Systems that Sustain Us: Securing Critical Infrastructure During Cybersecurity Awareness Month

2025-10-30 at 15:46

To close out Trustwave’s, A LevelBlue Company, Cybersecurity Awareness Month 2025 coverage, we will take a look at securing critical infrastructure, one of the focus areas for the Cybersecurity and Infrastructure Security Agency (CISA). This article is an


Bolstering Cybersecurity Resilience in the Public Sector

2025-10-29 at 19:07

With digital transformation continuing unabated, the prevalence of legacy systems, and the rising interconnectedness of complex systems and services, organizations in the public sector face a plethora of challenges and cyber risks. This article is an excerpt from SpiderLabs Blog.


The Rise of Phantom Cyber Firms: How to Spot Them and What to Verify Before you Engage

2025-10-23 at 17:11, by Grant Hutchons

It’s bad enough that organizations must worry about threat actors launching phishing attacks, injecting ransomware, or exploiting vulnerabilities; now, there is a new attack variant on the loose. Legal scammers. This article


The F5 BIG-IP Source Code Breach

2025-10-17 at 20:17, by Karl Sigler

On August 9, F5 discovered that multiple systems were compromised by what it is calling a “highly sophisticated nation-state threat actor” who maintained “long-term, persistent access to certain F5 systems”. These included the BIG-IP product development environment and engineering knowledge management platform. That


SocGholish: Turning Application Updates into Vexing Infections

2025-10-16 at 17:45, by Cris Tomboc

This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs Threat Operations team on major threat actor groups and malware currently operating globally. This article is an excerpt from Trustwave Blog.


Facing the Storm: Navigating the Complex Challenges of Bot Threats in Web Application and API Security

2025-10-14 at 16:18, by Dora Miranda

Bots and Web Application Security: Confront advanced bots that mimic humans, bypassing traditional security and enabling costly attacks like account takeover, data scraping, and API fraud.

Proactive Bot Management: Implement a Managed WAAP


Manufacturing: Executives Voice Cyberattack Readiness Concerns

2025-10-06 at 17:12

Manufacturing executives recently surveyed by LevelBlue expressed a deep concern that emerging attack methods, such as deepfakes and AI-powered attacks, will take place just as often as more traditional attacks. This article is an excerpt from Trustwave Blog.


US Secret Service Blocks Massive Telecom Attack in New York

2025-09-24 at 19:44, by Karl Sigler

The Secret Service’s takedown in New York shines a light on a type of threat that is technically fascinating and deeply concerning for national security: large-scale cellular interception networks leveraging cell-site simulators (CSS), also known as IMSI catchers or


LevelBlue Spotlight Report Finds Manufacturers Struggling with the Impact of AI and Supply Chain Risk

2025-09-24 at 16:22

LevelBlue’s newly released 2025 Spotlight Report: Cyber Resilience and Business Impact in Manufacturing, uncovered the different ways this sector has increased its understanding of the role cybersecurity must play moving forward, including the need to adopt


Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide

2025-09-17 at 16:00, by Cris Tomboc

The threat group Storm-2603 is actively exploiting Microsoft SharePoint vulnerabilities to gain unauthorized access to critical infrastructure worldwide. Their attacks use a specialized toolkit and have a dual motive: espionage and financial gain through deploying ransomware. This highlights the urgent need


From Shadow IT to Shadow AI: The Evolution of Unseen Risk

2025-09-16 at 16:04, by Jon Spokes

Security leaders are well acquainted with Shadow IT: the unsanctioned apps, services, and even devices employees adopt to bypass bureaucracy and accelerate productivity. This article is an excerpt from Trustwave Blog.

