CVE-2009-0556: The 2009 PowerPoint But that Refuses to Die
January 23, 2026 | Messiah Dela Cruz
Stay Informed
Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.
Ni8mare on Automation Street: When Workflows Turn Into an Attack Path
January 15, 2026 | Nikita Kazymirskyi
CVE-2026-21858 (Ni8mare) is a maximum-severity vulnerability in self-hosted n8n ...
Preparing for the AI Job Market: A Security Professional's Roadmap
January 14, 2026 | David Broggy
Every now and then, LevelBlue SpiderLabs diverts a bit from its normal course ...
BEC Email Trends: Attacks up 15% in 2025
January 13, 2026 | Katrina Udquin
Business Email Compromise (BEC) is a sophisticated form of phishing attack in ...
Threat Intelligence News from LevelBlue SpiderLabs January 2026
January 06, 2026
January 2026
A 2025 Threat Trends Analysis
December 22, 2025 | Andrea Martinez and Peter Connolly
As 2025 winds down and cruises into the holiday season, it’s a good time to ...
Holiday Fraud 2025: Gift Card Schemes Exploiting Seasonal Shopping
December 19, 2025 | Serhii Melnyk
Children with a vision of a huge payout from Santa Claus are not the only ones ...
LevelBlue SpiderLabs: SQL Injection in Orkes Conductor: CVE-2025-66387
December 18, 2025 | Tim Stamopoulos
LevelBlue SpiderLabs has discovered a vulnerability in the Orkes Conductor ...
A Rising Tide of Threats: The Offshore Energy Industry’s Threat Landscape
December 12, 2025
Key Findings:
Threat Intelligence News from LevelBlue SpiderLabs December 2025
December 12, 2025
LevelBlue SpiderLabs is the threat intelligence unit of LevelBlue and includes ...
Sha1-Hulud: The Second Coming of The New npm GitHub Worm
December 03, 2025 | Karl Sigler
Sha1-Hulud is back with a new evolution of its supply-chain attack that targets ...
Handala's Latest Publication Targets Israeli High-Tech Specialists
November 26, 2025 | Arthur Erzberger
The Handala hacker group has recently published a list of Israeli high-tech and ...
SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp
November 19, 2025 | Nathaniel Morales, John Basmayor, and Nikita Kazymirskyi
LevelBlue SpiderLabs researchers have recently identified a banking Trojan we ...
Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287
November 14, 2025 | Fernando Martinez
LevelBlue Labs is tracking a severe vulnerability in Windows Server Update ...
SharpParty: Process Injection in C#
November 11, 2025 | Will Rabb
This article also appears on the Stroz Friedberg, A LevelBlue Company, blog ...
The Cat's Out of the Bag: A 'Meow Attack' Data Corruption Campaign Simulation via MAD-CAT
November 07, 2025 | Karl Biron
In 2024, I published Feline Hackers Among Us? (A Deep Dive and Simulation of ...
Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand
November 04, 2025 | Serhii Melnyk
Trustwave SpiderLabs’ Cyber Threat Intelligence team is tracking the emergence ...
Bolstering Cybersecurity Resilience in the Public Sector
October 29, 2025
With digital transformation continuing unabated, the prevalence of legacy ...
Public Sector Ransomware Attacks Relentlessly Continue
October 22, 2025
In 2025, 36 years after the first ransomware attack was recorded, actors ...
The F5 BIG-IP Source Code Breach
October 17, 2025 | Karl Sigler
On August 9, F5 discovered that multiple systems were compromised by what it is ...
Data in the Dark: The Public Sector on the Dark Web
October 15, 2025
The dark web serves as a refuge for threat actors to gather intel, trade ...
Notepad++ DLL Hijacking (CVE-2025-56383): CVSS 8.4 or CVSS 0.0?
October 03, 2025
A vulnerability on a popular source-code editor has been recently released ...
Threat Intelligence News from LevelBlue SpiderLabs, October 2025
October 01, 2025
October 2025
From Folding to Folded: Hacking High Volume Mailer Machines
September 30, 2025 | John Jackson
The Quadient DS-700iQ is a high-volume folder-inserter machine designed for ...
REDCap: Multiple Cross-Site Scripting (XSS) Vulnerabilities
September 26, 2025 | Harold Zang
REDCap, developed by Vanderbilt University, is a secure platform designed for ...
US Secret Service Blocks Massive Telecom Attack in New York
September 24, 2025 | Karl Sigler
The Secret Service’s takedown in New York shines a light on a type of threat ...
Shades of Red: Redefining the Use of Red Flags in Cybersecurity and Insurance
September 18, 2025 | William Evers, Mudit Singhania, Scott Swanson
In cybersecurity, several related but divergent meanings have been ascribed to ...
Salesloft Drift Supply Chain Attack Affects Hundreds of Businesses
September 09, 2025 | Karl Sigler
Trustwave's Security & Compliance Team is aware of the Salesloft ...