News

Beyond the kill chain: What cybercriminals do with their money (Part 2)

Bys s May 15, 2025

In the second of our five-part series, Sophos X-Ops investigates the so-called ‘white’ (legitimate) business interests of threat actors

News

Why top SOC teams are shifting to Network Detection and Response
Bys s May 1, 2025

Security Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” is driving a significant need for a multi-layered approach to detecting threats,

Read More Why top SOC teams are shifting to Network Detection and Response
News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
Bys s February 6, 2026

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below – @dydxprotocol/v4-client-js (npm) – 3.4.1, 1.22.1, 1.15.2,…

Read More Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
News

ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising
Bys s October 30, 2025

The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering. This week’s findings show how that shrinking margin of safety is redrawing the threat landscape. Here’s what’s

Read More ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising
News

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
Bys s December 12, 2025

Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman that are capable of facilitating credential theft at scale. BlackForce, first detected in August 2025, is designed to steal credentials and perform Man-in-the-Browser (MitB) attacks to capture one-time passwords (OTPs) and bypass multi-factor authentication (MFA). The kit

Read More New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
News

Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Bys s September 9, 2025

Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft’s Direct Send feature to form a “highly efficient attack pipeline” in recent phishing campaigns, according to new findings from ReliaQuest. “Axios user agent activity surged 241% from June to August 2025, dwarfing the 85% growth of all other flagged user agents combined,”…

Read More Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
News

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
Bys s November 24, 2025

A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute malware known as ShadowPad. “The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access,” AhnLab Security Intelligence Center (ASEC) said in a report published last week. “They then used PowerCat, an open-source

Read More ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

Similar Posts