top of page
ALL POSTS
CrowdStrike Dismantles Glassworm Botnet Targeting Open-Source Developer Supply Chain
Key Findings CrowdStrike, Google, and Shadowserver dismantled the Glassworm botnet by simultaneously taking down four command-and-control servers that powered a sophisticated supply chain attack campaign The Russia-based threat group infected over 300 GitHub repositories and compromised hundreds of open-source packages across npm, Python, and VSCode extensions since early 2025 Glassworm deployed a multi-layered resilience strategy using the Solana blockchain, BitTorrent DHT,
May 273 min read
Google Thwarted First AI-Generated Zero-Day Exploit Before Attack
Key Findings Google Threat Intelligence Group discovered a zero-day exploit developed entirely by artificial intelligence before attackers could deploy it at scale Code analysis revealed telltale AI artifacts including excessive documentation strings, highly annotated code, and a hallucinated CVSS score that don't match human developer patterns A well-known cybercrime group with a history of high-profile attacks and mass exploitation was preparing to use the exploit for finan
May 122 min read
AI Accelerates Flaw Discovery, Demanding Rapid Updates, UK NCSC Warns
Key Findings UK National Cyber Security Centre warns AI is accelerating vulnerability discovery, forcing organizations into urgent patching cycles Skilled attackers using AI can exploit technical debt across software ecosystems faster than ever before Organizations must prepare for a "patch wave" - a surge of critical updates arriving in compressed timeframes Patching alone is insufficient; legacy systems without vendor support require replacement or restoration Internet-faci
May 42 min read
Apple Warns iPhone Users to Update iOS Against Emerging Exploit Kits
Key Findings * Coruna and DarkSword exploit kits target outdated iOS versions * Apple warns users to update iOS to prevent data theft * Exploit kits can compromise iPhones through malicious web content * Devices running latest iOS versions are protected * Multiple threat actors are utilizing these exploit techniques Background Apple has identified significant security vulnerabilities in older iOS versions that can be exploited by sophisticated web-based attack frameworks. The
Mar 201 min read
Interlock Ransomware Group Exploits Cisco FMC Zero-Day Vulnerability 36 Days Before Disclosure
Key Findings * Interlock ransomware group exploited CVE-2026-20131 in Cisco FMC 36 days before public disclosure * Zero-day vulnerability allows unauthenticated remote code execution with root privileges * Amazon Threat Intelligence discovered exploitation using global honeypot network * Attackers used sophisticated multi-stage attack with custom tools and evasion techniques * Targeted sectors include education, healthcare, industry, and government Background The Interlock ra
Mar 192 min read
New .NET AOT Malware Conceals Code in Stealthy Black Box Architecture
Key Findings * New .NET AOT malware campaign discovered by Howler Cell researchers * Uses Ahead-of-Time (AOT) compilation to evade standard security detection * Multi-stage attack with sophisticated evasion techniques * Targets individual systems through phishing emails * Employs complex scoring system to determine victim validity Background The emergence of this malware represents a sophisticated evolution in cyberthreat techniques. Traditional malware detection relies on an
Mar 191 min read
Introducing Sophos Intelix for Microsoft Security Copilot
Key Findings Sophos is launching Sophos Intelix for Microsoft 365 Copilot, a powerful new integration that brings Sophos' world-class threat intelligence directly into the Microsoft 365 ecosystem. This seamless integration allows security analysts and IT professionals to instantly access, investigate, and respond to emerging cyber threats right from the Copilot chat interface, without leaving the Microsoft 365 environment. Sophos Intelix leverages the deep threat intelligence
Dec 6, 20252 min read
bottom of page
