Emerging Threats

The F5 BIG-IP Source Code Breach

The F5 BIG-IP Source Code Breach 2025-10-17 at 20:17 By Karl Sigler On August 9, F5 discovered that multiple systems were compromised by what it is calling a “highly sophisticated nation-state threat actor” who maintained “long-term, persistent access to certain F5 systems”. These included the BIG-IP product development environment and engineering knowledge management platform. That […]

The F5 BIG-IP Source Code Breach Read More »

SocGholish: Turning Application Updates into Vexing Infections

SocGholish: Turning Application Updates into Vexing Infections 2025-10-16 at 17:45 By Cris Tomboc This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs Threat Operations team on major threat actor groups and malware currently operating globally. This article is an excerpt from Trustwave Blog View

SocGholish: Turning Application Updates into Vexing Infections Read More »

Facing the Storm: Navigating the Complex Challenges of Bot Threats in Web Application and API Security

Facing the Storm: Navigating the Complex Challenges of Bot Threats in Web Application and API Security 2025-10-14 at 16:18 By Dora Miranda Bots and Web Application Security: Confront advanced bots that mimic humans, bypassing traditional security and enabling costly attacks like account takeover, data scraping, and API fraud. Proactive Bot Management: Implement a Managed WAAP

Facing the Storm: Navigating the Complex Challenges of Bot Threats in Web Application and API Security Read More »

Manufacturing: Executives Voice Cyberattack Readiness Concerns

Manufacturing: Executives Voice Cyberattack Readiness Concerns 2025-10-06 at 17:12 By Manufacturing executives recently surveyed by LevelBlue expressed a deep concern that emerging attack methods, such as deepfakes and AI-powered attacks, will take place just as often as more traditional attacks. This article is an excerpt from Trustwave Blog View Original Source

Manufacturing: Executives Voice Cyberattack Readiness Concerns Read More »

US Secret Service Blocks Massive Telecom Attack in New York

US Secret Service Blocks Massive Telecom Attack in New York 2025-09-24 at 19:44 By Karl Sigler The Secret Service’s takedown in New York shines a light on a type of threat that is technically fascinating and deeply concerning for national security: large-scale cellular interception networks leveraging cell-site simulators (CSS), also known as IMSI catchers or

US Secret Service Blocks Massive Telecom Attack in New York Read More »

LevelBlue Spotlight Report Finds Manufacturers Struggling with the Impact of AI and Supply Chain Risk

LevelBlue Spotlight Report Finds Manufacturers Struggling with the Impact of AI and Supply Chain Risk 2025-09-24 at 16:22 By LevelBlue’s newly released 2025 Spotlight Report: Cyber Resilience and Business Impact in Manufacturing, uncovered the different ways this sector has increased its understanding of the role cybersecurity must play moving forward, including the need to adopt

LevelBlue Spotlight Report Finds Manufacturers Struggling with the Impact of AI and Supply Chain Risk Read More »

Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide

Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide 2025-09-17 at 16:00 By Cris Tomboc The threat group Storm-2603 is actively exploiting Microsoft SharePoint vulnerabilities to gain unauthorized access to critical infrastructure worldwide. Their attacks use a specialized toolkit and have a dual motive: espionage and financial gain through deploying ransomware. This highlights the urgent need

Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide Read More »

From Shadow IT to Shadow AI: The Evolution of Unseen Risk

From Shadow IT to Shadow AI: The Evolution of Unseen Risk 2025-09-16 at 16:04 By Jon Spokes Security leaders are well acquainted with Shadow IT; the unsanctioned apps, services, and even devices employees adopt to bypass bureaucracy and accelerate productivity. This article is an excerpt from Trustwave Blog View Original Source

From Shadow IT to Shadow AI: The Evolution of Unseen Risk Read More »

Salesloft Drift Supply Chain Attack Affects Hundreds of Businesses

Salesloft Drift Supply Chain Attack Affects Hundreds of Businesses 2025-09-09 at 23:45 By Karl Sigler Trustwave’s Security & Compliance Team is aware of the Salesloft vulnerability affecting Drift chatbot integrations. Trustwave, A LevelBlue Company, and its affiliated entities do not utilize Drift, and Salesforce has confirmed the incident did not impact clients without this integration.

Salesloft Drift Supply Chain Attack Affects Hundreds of Businesses Read More »

Rogue AI Agents In Your SOCs and SIEMs – Indirect Prompt Injection via Log Files

Rogue AI Agents In Your SOCs and SIEMs – Indirect Prompt Injection via Log Files 2025-09-05 at 23:42 By Tom Neaves AI agents (utilizing LLMs and RAG) are being used within SOCs and SIEMS to both help identify attacks and assist analysts with working more efficiently; however, I’ve done a little bit of research one

Rogue AI Agents In Your SOCs and SIEMs – Indirect Prompt Injection via Log Files Read More »

Chinese-Sponsored Threat Actors Attacks Spur International Security Advisory

Chinese-Sponsored Threat Actors Attacks Spur International Security Advisory 2025-09-04 at 16:18 By When nearly two dozen of the world’s leading cybersecurity agencies issue a joint warning, it underscores the severity and the global reach of the threat at hand. This article is an excerpt from Trustwave Blog View Original Source

Chinese-Sponsored Threat Actors Attacks Spur International Security Advisory Read More »

Securing Healthcare’s Vulnerable Supply Chain

Securing Healthcare’s Vulnerable Supply Chain 2025-09-02 at 21:49 By Healthcare supply chains are increasingly vulnerable to cyber threats through third-party vendors, cloud services, and connected medical devices. Ransomware in healthcare can shut down critical systems, delay treatment, and endanger patient safety. Stronger cybersecurity standards, vendor risk management, and cross-border threat intelligence are vital to securing

Securing Healthcare’s Vulnerable Supply Chain Read More »

How Researchers Collect Indicators of Compromise

How Researchers Collect Indicators of Compromise 2025-08-14 at 23:06 By Messiah Dela Cruz As security researchers, we actively monitor the latest CVEs and their publicly available exploits to create signatures. Beyond CVEs, we also hunt for malware on platforms such as MalwareBazaar, which enhances our visibility into attacks occurring across networks. This article is an

How Researchers Collect Indicators of Compromise Read More »

When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal

When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal 2025-08-13 at 21:40 By Nathaniel Morales and Nikita Kazymirskyi Trustwave SpiderLabs researchers have recently identified an EncryptHub campaign that combines social engineering with abuse of the Brave Support platform to deliver malicious payloads via the CVE-2025-26633 vulnerability. In this blog post, we will

When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal Read More »

Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation

Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation 2025-08-08 at 19:08 By Serhii Melnyk, Cris Tomboc, King Orande The Trustwave SpiderLabs CTI team began correlating telemetry from multiple enterprise environments in response to a rapidly developing threat landscape involving the widespread exploitation of Microsoft SharePoint on-premises infrastructure. In this blog, we share

Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation Read More »

Inside Silver Fox’s Den: Trustwave SpiderLabs Unmasks a Global Threat Actor

Inside Silver Fox’s Den: Trustwave SpiderLabs Unmasks a Global Threat Actor 2025-08-05 at 17:20 By Trustwave SpiderLabs’ latest research details the advanced persistent threat (APT) campaigns conducted by Silver Fox group, a significant and evolving threat actor. The likely China-based threat group primarily targets Chinese-speaking organizations. Trustwave SpiderLabs examines the tools, techniques, and procedures (TTPs)

Inside Silver Fox’s Den: Trustwave SpiderLabs Unmasks a Global Threat Actor Read More »

Using SQLmap to Dig for Sensitive Data in SQL Databases

Using SQLmap to Dig for Sensitive Data in SQL Databases 2025-07-22 at 16:41 By Karl Biron In our latest report Data Pirates’ Toolkit (Leveraging SQLmap for Unearthing Digital Gold), we take a comprehensive look at a tried-and-tested cyberattack methodology that threat actors can use to unlock sensitive and critical data from unsecured databases: SQL injection (SQLi)

Using SQLmap to Dig for Sensitive Data in SQL Databases Read More »

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies”

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” 2025-07-21 at 16:06 By Uncover how dark web “travel agencies” operate—from booking flights and hotels with stolen credentials to building customer-facing services that mimic legitimate platforms. Learn who uses dark web travel services and how unsuspecting consumers may get lured in through

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” Read More »

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies 2025-07-21 at 16:06 By Nikita Kazymirskyi Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. SpiderLabs reviewed the operation of four dark web travel agencies. Dark web travel agencies were not spotted targeting specific hotel chains or airlines; instead, they

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies Read More »

Scroll to Top