Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287
November 14, 2025 | Fernando Martinez
SharpParty: Process Injection in C#
November 11, 2025 | Will Rabb
This article also appears on the Stroz Friedberg, A LevelBlue Company, blog ...
The Cat's Out of the Bag: A 'Meow Attack' Data Corruption Campaign Simulation via MAD-CAT
November 07, 2025 | Karl Biron
In 2024, I published Feline Hackers Among Us? (A Deep Dive and Simulation of ...
Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand
November 04, 2025 | Serhii Melnyk
Trustwave SpiderLabs’ Cyber Threat Intelligence team is tracking the emergence ...
Public Sector Ransomware Attacks Relentlessly Continue
October 22, 2025 | Admin
In 2025, 36 years after the first ransomware attack was recorded, actors ...
The F5 BIG-IP Source Code Breach
October 17, 2025 | Karl Sigler
On August 9, F5 discovered that multiple systems were compromised by what it is ...
Data in the Dark: The Public Sector on the Dark Web
October 15, 2025 | Admin
The dark web serves as a refuge for threat actors to gather intel, trade ...
From Folding to Folded: Hacking High Volume Mailer Machines
September 30, 2025 | John Jackson
The Quadient DS-700iQ is a high-volume folder-inserter machine designed for ...
REDCap: Multiple Cross-Site Scripting (XSS) Vulnerabilities
September 26, 2025 | Harold Zang
REDCap, developed by Vanderbilt University, is a secure platform designed for ...
US Secret Service Blocks Massive Telecom Attack in New York
September 24, 2025 | Karl Sigler
The Secret Service’s takedown in New York shines a light on a type of threat ...
Shades of Red: Redefining the Use of Red Flags in Cybersecurity and Insurance
September 18, 2025 | William Evers, Mudit Singhania, Scott Swanson
In cybersecurity, several related but divergent meanings have been ascribed to ...
Salesloft Drift Supply Chain Attack Affects Hundreds of Businesses
September 09, 2025 | Karl Sigler
Trustwave's Security & Compliance Team is aware of the Salesloft ...
Rogue AI Agents In Your SOCs and SIEMs – Indirect Prompt Injection via Log Files
September 05, 2025 | Tom Neaves
AI agents (utilizing LLMs and RAG) are being used within SOCs and SIEMs to both ...
Unraveling Phishing Campaigns Flagged by Trustwave’s URL Scanner
August 28, 2025 | Karla Agregado
In recent months, Trustwave SpiderLabs, A LevelBlue Company, saw a significant ...
Malicious Screen Connect Campaign Abuses AI-Themed Lures for Xworm Delivery
August 27, 2025 | Bolesław Szołtysik, Chris Tomboc, Serhii Melnyk
During a recent Advanced Continual Threat Hunt (ACTH) investigation, the ...
How Researchers Collect Indicators of Compromise
August 14, 2025 | Messiah Dela Cruz
As security researchers, we actively monitor the latest CVEs and their publicly ...
When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal
August 13, 2025 | Nathaniel Morales and Nikita Kazymirskyi
Trustwave SpiderLabs researchers have recently identified an EncryptHub ...
Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation
August 08, 2025 | Serhii Melnyk, Cris Tomboc and King Orande
The Trustwave SpiderLabs CTI team began correlating telemetry from multiple ...
Understanding DocumentDB’s Network Security Trade-Offs: The VPC Challenge
August 05, 2025 | Selam Gebreananeya
AWS DocumentDB by default is securely isolated within a VPC, unreachable from ...
Back Up With Care, But Neglecting Patches can Leave You in Despair!
July 31, 2025 | Rox Harvey Rosales
CVE-2024-7348, which was discovered by Noah Misch, is a race condition ...
In-The-Wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies
July 23, 2025 | Serhii Melnyk
Two critical zero-day vulnerabilities in the Microsoft SharePoint Server ...
Using SQLmap to Dig for Sensitive Data in SQL Databases
July 22, 2025 | Karl Biron
In our latest report Data Pirates' Toolkit (Leveraging SQLmap for Unearthing ...
No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies
July 21, 2025 | Nikita Kazymirskyi
Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. ...
Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft
July 18, 2025 | Serhii Melnyk
Malicious APKs (Android Package Kit files) continue to serve as one of the most ...
KAWA4096’s Ransomware Tide: Rising Threat With Borrowed Styles
July 16, 2025 | Nathaniel Morales and John Basmayor
KAWA4096, a ransomware whose name includes "Kawa", the Japanese word for ...
The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner
July 04, 2025 | Nikita Kazymirskyi
On July 3, 2025, Qantas confirmed in an update statement that a cyber incident ...
Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector
June 25, 2025 | Admin
Explore key insights from Trustwave SpiderLabs' latest report on securing tech ...
Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors
June 24, 2025 | Nathaniel Morales
Dire Wolf is a newly emerged ransomware group first observed in May 2025 and ...