"Hackers are abusing LinkedIn to target finance executives with direct-message phishing attacks that impersonate executive board invitations, aiming to steal their Microsoft credentials."
TLP1 : Green
"Qilin ransomware group used Linux binaries on Windows to evade EDRs, steal backups, and disable defenses via BYOVD attacks."
TLP1 : Green
"AWS outage has taken down millions of websites, including Amazon.com, Prime Video, Perplexity AI, Canva and more."
TLP1 : Green
This HTTP request smuggling bug (CVE-2025-55315) was found in the Kestrel ASP.NET Core web server, and it enables authenticated attackers to smuggle another HTTP request to hijack other users' credentials or bypass front-end security controls.
TLP1 : Green
Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked as CVE-2025-61884
TLP1 : Green
"Microsoft is working to resolve an outage affecting its Azure Front Door content delivery network (CDN), which is preventing customers from accessing some Microsoft 365 services."
TLP1 : Green
"A convincing fake breach alert nearly tricked a Malwarebytes employee into giving away their 1Password credentials."
TLP1 : Green
"The Confucius hacking group, a long-running cyber-espionage operation with suspected state-sponsored ties, has significantly evolved its attack methodologies over the past year, transitioning from document stealers like WooperStealer to sophisticated Python-based backdoors including AnonDoor malware."
"Researchers tell CyberScoop that notorious ransomware group Clop may be behind the email barrage."
TLP1 : Green
A newly identified wave of smishing attacks has been traced to exploited Milesight Industrial Cellular Routers. According to research by Sekoia.io’s Threat Detection & Research (TDR) team, the routers’ APIs were abused to send phishing text messages – a tactic that has repeatedly targeted Belgian users by impersonating official government services.
