| CVE (if applicable) | |||||||
|---|---|---|---|---|---|---|---|
A Vietnamese threat actor's shift from PXA Stealer to PureRAT | Huntress | - | Vietnam | 09/26/2025 | 09/26/2025 | No CVE | 0 | |
CISA Shares Lessons Learned from an Incident Response Engagement | CISA | - | - | 09/22/2025 | 09/22/2025 | CVE-2024-36401CVE-2016-5195 | 0 | |
Kawabunga, Dude, You’ve Been Ransomed! | Huntress | - | China | 09/16/2025 | 09/16/2025 | No CVE | 0 | |
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks | Trend Micro (US) | - | - | 09/11/2025 | 09/11/2025 | No CVE | 0 | |
Unraveling Phishing Campaigns Flagged by Trustwave’s URL Scanner | - | - | 08/28/2025 | 08/28/2025 | No CVE | 0 | |
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents | Trend Micro (US) | - | China | 08/28/2025 | 08/28/2025 | No CVE | 0 | |
Malicious Screen Connect Campaign Abuses AI-Themed Lures for Xworm Delivery | - | - | 08/27/2025 | 08/27/2025 | No CVE | 0 | |
Rapid Response: CVE-2025-7776 | - | - | 08/27/2025 | 08/27/2025 | CVE-2023-43208CVE-2023-34992+1 | 0 | |
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System | CISA | GhostEmperor | China | 08/25/2025 | 08/25/2025 | CVE-2024-3400CVE-2023-46805+4 | 0 | |
Phishing in the Cloud: SendGrid Campaign Exploits Account Security | - | - | 08/21/2025 | 08/21/2025 | No CVE | 0 | |
SlashAndGrab: ScreenConnect Post-Exploitation in the Wild (CVE-2024-1709 & CVE-2024-1708) | Huntress | - | - | 08/16/2025 | 08/16/2025 | CVE-2024-1708CVE-2024-1709 | 0 | |
This 'SAP Ariba Quote' Isn't What It Seems—It's Ransomware | - | - | 08/14/2025 | 08/14/2025 | No CVE | 0 | |
Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks | Trend Micro (US) | - | - | 08/14/2025 | 08/14/2025 | No CVE | 0 | |
When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal | - | - | 08/13/2025 | 10/02/2025 | CVE-2025-26633 | 393 | |
Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation | APT31 | China | 08/08/2025 | 08/08/2025 | CVE-2019-0604 | 0 | |
Smart Contract Scams | Ethereum Drainers Pose as Trading Bots to Steal Crypto | SentinelOne | - | - | 08/05/2025 | 08/05/2025 | No CVE | 0 | |
Active Exploitation of SonicWall VPNs | Huntress | - | - | 08/05/2025 | 08/05/2025 | No CVE | 0 | |
Active Exploitation of Microsoft SharePoint Vulnerabilities | - | - | 07/31/2025 | 07/31/2025 | CVE-2024-36401CVE-2024-1182+2 | 0 | |
In-the-wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies | APT31 | China | 07/23/2025 | 07/23/2025 | No CVE | 0 | |
In-The-Wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies | APT31 | China | 07/23/2025 | 07/23/2025 | No CVE | 0 | |
Zoom Phishing Scam Mimics Connection Issues to Steal Logins | - | - | 07/23/2025 | 07/23/2025 | No CVE | 0 | |
#StopRansomware: Interlock | CISA | - | - | 07/21/2025 | 07/21/2025 | No CVE | 0 | |
Wing FTP Server Remote Code Execution (CVE-2025-47812) Exploited in the Wild | Huntress | - | - | 07/11/2025 | 07/11/2025 | No CVE | 0 | |
BERT Ransomware Group Targets Asia and Europe on Multiple Platforms | Trend Micro (US) | - | - | 07/07/2025 | 07/07/2025 | No CVE | 0 | |
LightSpy Malware Variant Targeting macOS | Huntress | - | - | 07/04/2025 | 07/04/2025 | No CVE | 0 |
Rows per page
Page 1 of 55