REPORT 2025 2026 2025 2024 2023 2022 2020 2019 2018 2017
DATE |
NAME |
INFO |
CATEGORY |
SUBCATE |
|
20.12.25 |
A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts |
|||
| 14.12.25 |
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure |
This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet Primary Mitigations to Reduce Cyber Threats to Operational Technology and European Cybercrime Centre’s (EC3) Operation Eastwood.. | REPORT | REPORT |
| 13.12.25 |
Ransomware Trends in Bank Secrecy Act Data Between 2022 and 2024 |
This Financial Trend Analysis (FTA) focuses on ransomware patterns and trends identified in Bank Secrecy Act (BSA) data. The Financial Crimes Enforcement Network (FinCEN) is issuing this report pursuant to section 6206 of the Anti-Money Laundering Act of 2020 (codified at 31 U.S.C. § 5318(g)(6) (B)), which requires periodic publication of BSA-derived threat pattern and trend information. | REPORT | RANSOM |
| 30.11.25 | Public Report: Android Quick Share Application Penetration Test |
NetSPI performed an analysis of Google LLC’s implementation
of Quick Share to identify vulnerabilities, determine the level of risk they present to Google, and provide actionable recommendations to reduce this risk. |
REPORT | REPORT |
| 26.11.25 |
Market Opportunities and Advanced Strategies Increase the Impact and Resilience of Purchase Scams |
Purchase scams are a major emerging fraud threat in which threat actors use fake e-commerce stores to steal victim data and accept victim card payments for non-existent goods and services. | REPORT | REPORT |
| 24.11.25 | Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) | AhnLab SEcurity intelligence Center (ASEC) has identified an attack where the remote code execution vulnerability in Microsoft Windows Server Update Services (WSUS), tracked as CVE-2025-59287, was exploited to distribute the ShadowPad malware. | REPORT | REPORT |
| 23.11.25 | WrtHug | Thousands of ASUS Routers Hijacked in Global Operation “WrtHug” in a Suspected China-Backed Campaign | REPORT | REPORT |
| 23.11.25 | Rhadamanthys Historical Bot Infections Special Report | Rhadamanthys Historical Bot Infections Special Report | REPORT | REPORT |
| 23.11.25 | Akira Ransomware | This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. | REPORT | REPORT |
|
18.11.25 |
Morphisec Thwarts Sophisticated Tuoni C2 Attack on US Real Estate Fi |
In October 2025, Morphisec’s anti-ransomware prevention platform stopped a highly advanced cyberattack targeting a major U.S. real estate company. |
||
|
14.11.25 |
Disrupting the first reported AI-orchestrated cyber espionage campaing |
We have developed sophisticated safety and security measures to prevent the misuse of our AI models. |
||
| 7.11.25 | ESET APT Activity Report Q2 2025–Q3 2025 | RUSSIA-ALIGNED APTs RAMP UP ATTACKS AGAINST UKRAINE AND ITS STRATEGIC PARTNERS | REPORT | REPORT |
| 25.10.25 | Cybereason TTP Briefing Q3 2025 | Cybereason TTP Briefing Q3 2025: LOLBINs and CVE Exploits Dominate | REPORT | REPORT |
| 28.8.25 |
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System |
People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military infrastructure networks. | REPORT | REPORT |
| 20.7.25 |
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Provide |
Between December 2024 and January 2025, Recorded Future’s
Insikt Group identified a campaign exploiting unpatched internet-facing Cisco network devices primarily associated with global telecommunications providers. |
REPORT | REPORT |
| 4.7.25 | The Continuous Evolution of Ad Fraud Exploiting App Stores as a Front | The IAS Threat Lab has uncovered "Kaleidoscope," an insidiously adaptive Android ad fraud operation that employs legitimate-looking apps hosted on Google Play as a deceptive façade, while its malicious duplicate counterparts, distributed predominantly through third-party app stores, drive fraudulent ad supply. | REPORT | REPORT |
| 3.7.25 | HOUKEN | SEEKING A PATH BY LIVING ON THE EDGE WITH ZERO-DAYS | REPORT | REPORT |
| 1.7.25 |
Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest |
The Cybersecurity and
Infrastructure Security Agency (CISA), Federal Bureau of Investigation
(FBI), the Department of Defense Cyber Crime Center (DC3), and the
National Security Agency (NSA) (hereafter referred to as the authoring agencies) strongly urge organizations to remain vigilant for potential targeted cyber activity against U.S. critical infrastructure and other U.S. entities by Iranian-affiliated cyber actors. |
REPORT | REPORT |
| 29.6.25 | PrintScan Hacks: Identifying multiple vulnerabilities across multiple Brother devices | Identifying multiple vulnerabilities across multiple Brother devices | REPORT | REPORT |
| 28.6.25 | LapDogs, The New ORB in Town | SecurityScorecard’s STRIKE research team has identified a new suspected China-Nexus network of Operational Relay Boxes (ORB) called “LapDogs” targeting primarily Linux-based Small Office/Home Office (SOHO) devices around the globe. | REPORT | REPORT |
| 26.6.25 | Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations | The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense Cyber Crime Center (DC3) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders that, as of August 2024, a group of Iran-based cyber actors continues to exploit U.S. and foreign organizations. T | REPORT | REPORT |
| 26.6.25 |
PRC cyber
actors target telecommunications companies as part of a global cyberespionage campaign |
People’s Republic of China cyber threat activity | REPORT | REPORT |
| 14.6.25 | 2024 INTERNET CRIME REPORT | 2024 INTERNET CRIME REPORT | REPORT | REPORT |
| 14.6.25 | 2023 INTERNET CRIME REPORT | 2023 INTERNET CRIME REPORT | REPORT | REPORT |
| 11.6.25 | Salesforce Industry Clouds: Low-Code, High Stakes |
Salesforce industry clouds are a suite of Salesforce
solutions, each of which enables organizations to build industry-specific applications and workflows in a simplified low-code manner. |
REPORT | REPORT |
| 10.6.25 | Disrupting malicious uses of AI: June 2025 | Our mission is to ensure that artificial general intelligence benefits all of humanity. We advance this mission by deploying our innovations to build AI tools that help people solve really hard problems. | REPORT | REPORT |
| 8.6.25 | REVIEW OF THE ATTACKS ASSOCIATED WITH LAPSUS$ AND RELATED THREAT GROUPS | Beginning in late 2021 and continuing late into 2022, a globally active, extortion-focused cyber threat actor group attacked dozens of well-known companies and government agencies around the world. | REPORT | REPORT |
| 8.6.25 | Infostealer Pipeline | The Infostealer Pipeline: How Russian Market Fuels Credential-Based Attacks | REPORT | REPORT |
| 5.6.25 |
BitterAPT Revisited: the Untold Evolution of an Android Espionage Tool |
In 2016, a sophisticated malware campaign targeting Pakistani nationals made headlines. Dubbed Bitter[4], the Advanced Persistent Threat group (also known as APT-C-08 [5]) has been active both in desktop and mobile malware campaigns for quite a long time, as their activity seems to date back to 2014. | REPORT | REPORT |
| 1.6.25 | Infrastructure Used to Manage Domains Related to Cryptocurrency Investment Fraud Scams between October 2023 and April 2025 | The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull). | REPORT | REPORT |
| 1.6.25 | NodeSnake Malware Campaign | Threat Intelligence NodeSnake Malware Campaign | REPORT | REPORT |
| 5.6.25 |
BitterAPT Revisited: the Untold Evolution of an Android Espionage Tool |
In 2016, a sophisticated malware campaign targeting Pakistani nationals made headlines. Dubbed Bitter[4], the Advanced Persistent Threat group (also known as APT-C-08 [5]) has been active both in desktop and mobile malware campaigns for quite a long time, as their activity seems to date back to 2014. | REPORT | REPORT |
| 25.5.25 | Silent Ransom Group Targeting Law Firm | The cyber threat actor Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, is targeting law firms using information technology (IT) themed social engineering calls, and callback phishing emails, to gain remote access to systems or devices and steal sensitive data to extort the victims | REPORT | REPORT |
| 25.5.25 | Russian GRU Targeting Western Logistics Entities and Technology Companies |
This joint cybersecurity advisory (CSA) highlights a Russian
state-sponsored cyber campaign targeting Western logistics entities and technology companies |
REPORT | REPORT |
| 22.5.25 | Russian GRU Targeting Western Logistics Entities and Technology Compani | This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. | REPORT | REPORT |
| 20.5.25 | ESET APT Activity Report Q4 2024–Q1 2025 | An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2024 and Q1 2025 | REPORT | REPORT |