Emerging Threats

Operation Epic Fury Decoded: Iran’s Cyber Escalation Playbook Webinar Replay

Operation Epic Fury Decoded: Iran’s Cyber Escalation Playbook Webinar Replay 2026-03-09 at 17:02 By LevelBlue SpiderLabs has been tracking the very active and destructive cyber activities taking place during theongoing US-Israel-Iran war since it kicked off on March 2. This article is an excerpt from LevelBlue Blog View Original Source

Operation Epic Fury Decoded: Iran’s Cyber Escalation Playbook Webinar Replay Read More »

LevelBlue SpiderLabs: APAC Emerges as Primary Target for Manufacturing Cyberattacks

LevelBlue SpiderLabs: APAC Emerges as Primary Target for Manufacturing Cyberattacks 2026-02-28 at 10:37 By The manufacturing sector faces a 793% surge in cyberattacks, with APAC manufacturers being the primary targets worldwide. Sophisticated threat actors—including Lazarus Group, APT41, and Russian ransomware affiliates—are driving a wave of ransomware and cyber espionage campaigns against manufacturers. Ransomware and cyber

LevelBlue SpiderLabs: APAC Emerges as Primary Target for Manufacturing Cyberattacks Read More »

AI-Enabled Cyber Intrusions: What Two Recent Incidents Reveal for Corporate Counsel

AI-Enabled Cyber Intrusions: What Two Recent Incidents Reveal for Corporate Counsel 2026-01-06 at 17:02 By Daniel Ilan, Rahul Mukhi, Prudence Buckland, Melissa Faragasso This article was authored by Daniel Ilan, Rahul Mukhi, Prudence Buckland, and Melissa Faragasso from Cleary Gottlieb, and Brian Lichter and Elijah Seymour from Stroz Friedberg, a LevelBlue company. This article is

AI-Enabled Cyber Intrusions: What Two Recent Incidents Reveal for Corporate Counsel Read More »

LevelBlue Predictions 2026: The Never Ending Story Evolving Threats and Adversary Tactics

LevelBlue Predictions 2026: The Never Ending Story Evolving Threats and Adversary Tactics 2025-12-23 at 17:02 By As 2025 closes and we look toward 2026, the cybersecurity industry is bracing for radical changes that go beyond just intensifying existing problems. This article is an excerpt from LevelBlue Blog View Original Source

LevelBlue Predictions 2026: The Never Ending Story Evolving Threats and Adversary Tactics Read More »

Extortion-as-a-Service: The Latest Threat Actor Criminal Ecosystem

Extortion-as-a-Service: The Latest Threat Actor Criminal Ecosystem 2025-12-11 at 16:26 By Serhii Melnyk For centuries, threat actors, both cyber and physical, have understood the benefits of using extortion to further their criminal activities. This has led some cyber threat groups to create Extortion-as-a-Service (EaaS) businesses. These are a formalized way for cybercriminals to offer extortion

Extortion-as-a-Service: The Latest Threat Actor Criminal Ecosystem Read More »

Sha1-Hulud: The Second Coming of The New npm GitHub Worm

Sha1-Hulud: The Second Coming of The New npm GitHub Worm 2025-12-03 at 16:04 By Karl Sigler Sha1-Hulud is back with a new evolution of its supply-chain attack that targets development environments via Node Package Manager (npm). npm is a very popular package manager for Node.js that provides millions of predeveloped packages of code to be

Sha1-Hulud: The Second Coming of The New npm GitHub Worm Read More »

Handala’s Latest Publication Targets Israeli High-Tech Specialists

Handala’s Latest Publication Targets Israeli High-Tech Specialists 2025-11-26 at 20:39 By Arthur Erzberger The Handala hacker group has recently published a list of Israeli high-tech and aerospace professionals, accompanied by aggressive, misleading descriptions labeling them as criminals. Most of the data appears to have been scraped from LinkedIn, with no evidence of wrongdoing by the

Handala’s Latest Publication Targets Israeli High-Tech Specialists Read More »

SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp

SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp 2025-11-19 at 19:03 By Nathaniel Morales, John Basmayor, and Nikita Kazymirskyi Trustwave SpiderLabs researchers have recently identified a banking Trojan we dubbed Eternidade Stealer, which is distributed through WhatsApp hijacking and social engineering lures. In this blog post, we will break down the techniques used in the

SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp Read More »

Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287

Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287 2025-11-14 at 15:10 By Fernando Martinez LevelBlue Labs is tracking a severe vulnerability in Windows Server Update Services (WSUS), CVE-2025-59287, that allows attackers to remotely execute code without authentication and is being exploited by threat actors to compromise vulnerable Windows Server users. This

Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287 Read More »

The Cat’s Out of the Bag: A ‘Meow Attack’ Data Corruption Campaign Simulation via MAD-CAT

The Cat’s Out of the Bag: A ‘Meow Attack’ Data Corruption Campaign Simulation via MAD-CAT 2025-11-07 at 19:39 By Karl Biron In 2024, I published Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack), which explored the notorious Meow attack campaign that had plagued unsecured databases since 2020. That article focused

The Cat’s Out of the Bag: A ‘Meow Attack’ Data Corruption Campaign Simulation via MAD-CAT Read More »

Dissecting and Understanding APT Threat Group Activity

Dissecting and Understanding APT Threat Group Activity 2025-11-06 at 16:45 By Trustwave SpiderLabs CTI APT Groups Prioritize Espionage and Data Theft: Approximately two-thirds of all Trustwave SpiderLabs-tracked APT group activity is motivated by espionage, targeting government, defense, and telecom sectors primarily in the US, Ukraine, and Russia. Top Attacker Nations: China (41%), Iran (12.5%), and

Dissecting and Understanding APT Threat Group Activity Read More »

SpiderLabs Ransomware Tracker Update October 2025: Qlin Doubles Down on Attacks

SpiderLabs Ransomware Tracker Update October 2025: Qlin Doubles Down on Attacks 2025-11-04 at 17:18 By The worldwide ransomware landscape saw a dramatic shift in attacks in October 2025, jumping 41% month over month, with the most prolific attacker, Qlin, more than doubling the number of attacks it launched, according to Trustwave, A LevelBlue Company, research.

SpiderLabs Ransomware Tracker Update October 2025: Qlin Doubles Down on Attacks Read More »

Protecting the Systems that Sustain Us: Securing Critical Infrastructure During Cybersecurity Awareness Month

Protecting the Systems that Sustain Us: Securing Critical Infrastructure During Cybersecurity Awareness Month 2025-10-30 at 15:46 By To close out Trustwave’s, A LevelBlue Company, Cybersecurity Awareness Month 2025 coverage, we will take a look at securing critical infrastructure, one of the focus areas for the Cybersecurity and Infrastructure Security Agency (CISA). This article is an

Protecting the Systems that Sustain Us: Securing Critical Infrastructure During Cybersecurity Awareness Month Read More »

Bolstering Cybersecurity Resilience in the Public Sector

Bolstering Cybersecurity Resilience in the Public Sector 2025-10-29 at 19:07 By With digital transformation continuing unabated, the prevalence of legacy systems, and the rising interconnectedness of complex systems and services, organizations in the public sector face a plethora of challenges and cyber risks. This article is an excerpt from SpiderLabs Blog View Original Source

Bolstering Cybersecurity Resilience in the Public Sector Read More »

The Rise of Phantom Cyber Firms: How to Spot Them and What to Verify Before you Engage

The Rise of Phantom Cyber Firms: How to Spot Them and What to Verify Before you Engage 2025-10-23 at 17:11 By Grant Hutchons It’s bad enough that organizations must worry about threat actors launching phishing attacks, injecting ransomware, or exploiting vulnerabilities; now, there is a new attack variant on the loose. Legal scammers. This article

The Rise of Phantom Cyber Firms: How to Spot Them and What to Verify Before you Engage Read More »

Scroll to Top