It takes two: The 2025 Sophos Active Adversary Report
The dawn of our fifth year deepens our understanding of the enemies at the gate, and some tensions inside it; plus, an anniversary gift from us to you
Similar Posts
Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments
Bys sCybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution. Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital marketing, and analytics and reports. The list of vulnerabilities, which are yet to be
Personal Details of Thousands of Border Patrol and ICE Agents Allegedly Leaked in Huge Data Breach
Bys sTom Latchem reports: Sensitive details of around 4,500 ICE and Border Patrol employees—including almost 2,000 agents working in frontline enforcement—have allegedly been released by a Department of Homeland Security whistleblower following last week’s fatal shooting of Renee Nicole Good. The Jan. 7 killing of the mother by ICE agent Jonathan Ross in Minneapolis, Minnesota, has……
DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks
Bys sA 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet called RapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice (DoJ) said. The botnet has been used to carry out large-scale DDoS-for-hire…
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
Bys sMicrosoft on Wednesday announced that it has taken a “coordinated legal action” in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses. The effort, per the tech giant, is part of a broader law enforcement effort in collaboration with law enforcement authorities that…
GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions
Bys sA newly discovered campaign dubbed GreedyBear has leveraged over 150 malicious extensions to the Firefox marketplace that are designed to impersonate popular cryptocurrency wallets and steal more than $1 million in digital assets. The published browser add-ons masquerade as MetaMask, TronLink, Exodus, and Rabby Wallet, among others, Koi Security researcher Tuval Admoni said. What makes…
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
Bys sThe malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours…