ALL POSTS

Key Findings China-based Storm-1175 executes rapid ransomware attacks, sometimes completing full intrusions within 24 hours The group exploits newly disclosed vulnerabilities before organizations can patch them, leveraging over 16 different flaws since 2023 Primary targets include healthcare, education, finance, and services sectors across the US, UK, and Australia Storm-1175 has weaponized zero-day exploits before public disclosure, demonstrating advanced capabilities The gr

Key Findings CISA added CVE-2026-3502, a flaw in TrueConf Client, to its Known Exploited Vulnerabilities catalog on April 2, 2026 The vulnerability has a CVSS score of 7.8 and allows attackers to download and install malicious updates without integrity verification Threat actors are actively exploiting this flaw by compromising TrueConf servers and replacing legitimate update files with malicious payloads Check Point researchers attributed a wave of attacks called Operation T