Rogue AI Agents In Your SOCs and SIEMs – Indirect Prompt Injection via Log Files

September 05, 2025 | Tom Neaves

AI agents (utilizing LLMs and RAG) are being used within SOCs and SIEMs to both ...

Unraveling Phishing Campaigns Flagged by Trustwave’s URL Scanner

August 28, 2025 | Karla Agregado

In recent months, Trustwave SpiderLabs, A LevelBlue Company, saw a significant ...

Malicious Screen Connect Campaign Abuses AI-Themed Lures for Xworm Delivery

August 27, 2025 | Bolesław Szołtysik, Cris Tomboc, Serhii Melnyk

During a recent Advanced Continual Threat Hunt (ACTH) investigation, the ...

How Researchers Collect Indicators of Compromise

August 14, 2025 | Messiah Dela Cruz

As security researchers, we actively monitor the latest CVEs and their publicly ...

When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal

August 13, 2025 | Nathaniel Morales and Nikita Kazymirskyi

Trustwave SpiderLabs researchers have recently identified an EncryptHub ...

Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation

August 08, 2025 | Serhii Melnyk, Cris Tomboc and King Orande

The Trustwave SpiderLabs CTI team began correlating telemetry from multiple ...

Understanding DocumentDB’s Network Security Trade-Offs: The VPC Challenge

August 05, 2025 | Selam Gebreananeya

AWS DocumentDB by default is securely isolated within a VPC, unreachable from ...

In-The-Wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies

July 23, 2025 | Serhii Melnyk

Two critical zero-day vulnerabilities in the Microsoft SharePoint Server ...

Using SQLmap to Dig for Sensitive Data in SQL Databases

July 22, 2025 | Karl Biron

In our latest report Data Pirates' Toolkit (Leveraging SQLmap for Unearthing ...

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies

July 21, 2025 | Nikita Kazymirskyi

Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. ...

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft

July 18, 2025 | Serhii Melnyk

Malicious APKs (Android Package Kit files) continue to serve as one of the most ...

KAWA4096’s Ransomware Tide: Rising Threat With Borrowed Styles

July 16, 2025 | Nathaniel Morales and John Basmayor

KAWA4096, a ransomware whose name includes "Kawa", the Japanese word for ...

The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner

July 04, 2025 | Nikita Kazymirskyi

On July 3, 2025, Qantas confirmed in an update statement that a cyber incident ...

Tracing Blind Eagle to Proton66

June 27, 2025 | Serhii Melnyk

Trustwave SpiderLabs has assessed with high confidence that the threat group ...

Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector

June 25, 2025

Explore key insights from Trustwave SpiderLabs' latest report on securing tech ...

Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors

June 24, 2025 | Nathaniel Morales

Dire Wolf is a newly emerged ransomware group first observed in May 2025 and ...

The Attack Vector: Database Triggers as Persistence Mechanisms

June 24, 2025 | Jose Tozo

Organizations often assume that restoring a backup to a patched environment ...

The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone

June 18, 2025 | Arthur Erzberger

The Israel-Iran conflict is barely a week old, but the security repercussions ...

Securely Adopting Digital Assets and Web3

May 28, 2025 | Lynn Burns

Digital assets are an emerging technology, and cybersecurity risk management ...

PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec's Operations

May 28, 2025 | Cris Tomboc and King Orande

Phishing-as-a-Service (PhaaS) platforms have significantly reshaped the ...

The Blind Spots of Multi-Agent Systems: Why AI Collaboration Needs Caution

May 23, 2025 | Muhammad Ahmad

Multi-agent systems (MAS) are reshaping industries from IT services to ...

Hospitality Under Attack: New Trustwave Report Highlights Cybersecurity Challenges in 2025

May 21, 2025

As the summer travel season approaches, travelers worldwide are busy booking ...

Storm-0558 and the Dangers of Cross-Tenant Token Forgery

May 21, 2025 | Damian Archer

Modern cloud ecosystems often place a single identity provider in charge of ...

Guarding Against Dependency Attacks: Essential Strategies for Modern Application Development

May 16, 2025 | Damian Archer

Dependency management is one of the biggest challenges in modern software ...

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities

May 06, 2025 | Karl Biron

Let’s explore the critical role of Modbus in energy and manufacturing systems, ...

Bring Your Own Installer: Bypassing EDR Through Agent Version Change Interruption

May 05, 2025 | John Ailes and Tim Mashni

Bring Your Own Installer is a technique which can be used by threat actors to ...

A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms

May 02, 2025 | Pauline Bolaños

A quarter century ago, a former computer science student from the Philippines ...

Yet Another NodeJS Backdoor (YaNB): A Modern Challenge

April 29, 2025 | Reegun Jayapaul

During an Advanced Continual Threat Hunt (ACTH) investigation conducted in ...