Threat Intelligence News from LevelBlue SpiderLabs July 2025

July 01, 2025

July 2025

Tracing Blind Eagle to Proton66

June 27, 2025 | Serhii Melnyk

Trustwave SpiderLabs has assessed with high confidence that the threat group ...

Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector

June 25, 2025

Explore key insights from Trustwave SpiderLabs' latest report on securing tech ...

Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors

June 24, 2025 | Nathaniel Morales

Dire Wolf is a newly emerged ransomware group first observed in May 2025 and ...

The Attack Vector: Database Triggers as Persistence Mechanisms

June 24, 2025 | Jose Tozo

Organizations often assume that restoring a backup to a patched environment ...

The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone

June 18, 2025 | Arthur Erzberger

The Israel-Iran conflict is barely a week old, but the security repercussions ...

Threat Intelligence News from LevelBlue SpiderLabs June 2025

June 01, 2025

June 2025

Securely Adopting Digital Assets and Web3

May 28, 2025 | Lynn Burns

Digital assets are an emerging technology, and cybersecurity risk management ...

PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec's Operations

May 28, 2025 | Cris Tomboc and King Orande

Phishing-as-a-Service (PhaaS) platforms have significantly reshaped the ...

The Blind Spots of Multi-Agent Systems: Why AI Collaboration Needs Caution

May 23, 2025 | Muhammad Ahmad

Multi-agent systems (MAS) are reshaping industries from IT services to ...

Hospitality Under Attack: New Trustwave Report Highlights Cybersecurity Challenges in 2025

May 21, 2025

As the summer travel season approaches, travelers worldwide are busy booking ...

Storm-0558 and the Dangers of Cross-Tenant Token Forgery

May 21, 2025 | Damian Archer

Modern cloud ecosystems often place a single identity provider in charge of ...

Guarding Against Dependency Attacks: Essential Strategies for Modern Application Development

May 16, 2025 | Damian Archer

Dependency management is one of the biggest challenges in modern software ...

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities

May 06, 2025 | Karl Biron

Let’s explore the critical role of Modbus in energy and manufacturing systems, ...

Bring Your Own Installer: Bypassing EDR Through Agent Version Change Interruption

May 05, 2025 | John Ailes and Tim Mashni

Bring Your Own Installer is a technique which can be used by threat actors to ...

A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms

May 02, 2025 | Pauline Bolaños

A quarter century ago, a former computer science student from the Philippines ...

Threat Intelligence News from LevelBlue SpiderLabs May 2025

May 01, 2025

May 2025

Yet Another NodeJS Backdoor (YaNB): A Modern Challenge

April 29, 2025 | Reegun Jayapaul

During an Advanced Continual Threat Hunt (ACTH) investigation conducted in ...

Agent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks

April 21, 2025 | Tom Neaves

I think you’ll agree with me that growth in the AI landscape is pretty full-on ...

Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns

April 17, 2025 | Pawel Knapczyk, Dawid Nesterowicz

Earlier this year SpiderLabs observed an increase in mass scanning, credential ...

Maximizing Value: How Companies and Pentesters Can Achieve More Together

April 15, 2025 | Elijah Seymour, Rohit Kapur, Stephen Komal, Mark Stanislav (Fullstory)

A closer look at the collaborative efforts between Stroz Friedberg and ...

Proton66 Part 1: Mass Scanning and Exploit Campaigns

April 14, 2025 | Pawel Knapczyk, Dawid Nesterowicz

Trustwave SpiderLabs continuously tracks a range of malicious activities ...

Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks

April 10, 2025 | Bernard Bautista and Kevin Adriano

Ever thought an image file could be part of a cyber threat? The Trustwave ...

Tycoon2FA New Evasion Technique for 2025

April 10, 2025 | Rodel Mendrez

The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at ...

Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse

April 08, 2025 | Serhii Melnyk and Nikita Kazymirskyi

In February 2025, the cybersecurity community witnessed an unprecedented leak ...

Threat Intelligence News from LevelBlue SpiderLabs April 2025

April 01, 2025

April 2025

Babuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’

April 01, 2025 | John Basmayor

An investigation that started with a tip from one of our threat intel sources ...

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures

March 26, 2025

Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks ...