Pro-Russian and pro-Palestinian hacktivist groups share a common adversary in France, leading to coordinated cyberattacks against the country.

Russian hacktivist groups Z-Pentest and People’s Cyber Army escalate attacks on U.S. energy and water systems. Learn about their tactics and how to mitigate risks

A critical PHP vulnerability (CVE-2022-31631) could expose websites and applications to SQL injection attacks, leading to data breaches and system compromise.

WordPress plugins are under active attack, a new banking trojan is spreading, and phishing and brute-force attacks continue unabated.

A cloud extortion campaign exploited misconfigured AWS .env files to target 110,000 domains, stealing credentials and ransoming cloud storage data.

Cyble observes how Dark Web forums reveal ServiceNow users falling victim to a Remote Code Execution vulnerability, which exposes sensitive data & escalates risks across sectors.

CRIL investigates DragonForce Ransomware and its links to a leaked LOCKBIT Builder.

Cyble analyzes the increasing incidences of vulnerabilities in Fortinet, highlighting the impact they have on Critical Infrastructure.

Cyble Research & Intelligence Labs examines the Linux variant of Akira Ransomware and assesses its impact on various sectors.

Cyble analyses Darkrace Ransomware, a new ransomware group shares similarities with infamous LockBit Ransomware.

CRIL analyzes AMOS, a stealthy new information stealer targeting macOS and disseminating stolen information via Telegram.

CRIL analyses the anatomy of a new ransomware group named Money Message, which can encrypt network shares and target both Windows and Linux.

CRIL analyzes Cylance, a new Ransomware variant that uses command-line options to target both Windows and Linux users.

Cyble Research & Intelligence Labs analyzes Cl0p ransomware which is rapidly gaining attention for its success in extorting businesses.

Open-Source Stealer Widely Abused by Threat Actors
The threat of InfoStealers is widespread and has been frequently employed by various Threat Actors (TA)s to launch attacks and make financial gains. Until now, the primary use of stealers by TAs has been to sell logs or to gain initial entry into a corporate network.

Cyble reflects on the identification of a forum administrator and two cybercriminals and how it impacts the wider cybercrime ecosystem.

Cyble analyzes how Threat Actors are using the recent buzz around ChatGPT to launch Phishing attacks using various methods.

Cyble Research & Intelligence Labs analyzes new strategies deployed by Qakbot to infect users via Microsoft OneNote.

Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,

New YouTube Bot Malware Spotted Stealing User’s Sensitive Information