Login Subscribe

Vulnerabilities & Exploits

Shadow Campaigns: Global Espionage Exploiting SAP and Exchange Flaws

Shadow Campaigns: Global Espionage Exploiting SAP and Exchange Flaws

Palo Alto Networks Unit 42 uncovered a coordinated espionage operation dubbed “Shadow Campaigns” that chains together multiple high‑severity vulnerabilities to breach target networks. The actors first compromise Microsoft Exchange servers using the CVE‑2023‑23397 remote code execution flaw, then move laterally to SAP Solution Manager instances, where they

Inside the Mind of Phishers: Why Even Experts Bite

Inside the Mind of Phishers: Why Even Experts Bite

Palo Alto Networks’ Unit42 dissected recent phishing campaigns to uncover the cognitive levers that lure even security‑savvy users. Their study shows attackers weaponize urgency (“Your account will be locked”), perceived authority (spoofed executives or IT staff), and social proof (fake endorsements or shared documents) to override rational decision‑making.

New Check Point Report Flags Ransomware Surge, Supply‑Chain Threats, Credential‑Stuffing Spike

New Check Point Report Flags Ransomware Surge, Supply‑Chain Threats, Credential‑Stuffing Spike

Check Point’s February 2, 2026 Threat Intelligence Report highlights a sharp uptick in ransomware activity, more sophisticated supply‑chain exploitation, and a resurgence of credential‑stuffing attacks across finance, healthcare, retail, and critical infrastructure. The ransomware landscape now favors double‑extortion tactics, where threat actors encrypt data and threaten

Falcon Scores Perfect 100% in SE Labs Ransomware Challenge

Falcon Scores Perfect 100% in SE Labs Ransomware Challenge

CrowdStrike announced that its Falcon endpoint protection platform earned a flawless 100% score in SE Labs’ most demanding ransomware evaluation. The independent test exercised Falcon’s ability to detect, block, and remediate a wide array of ransomware families, including variants that use sophisticated evasion techniques such as file‑less execution,

Public Toolkits Surge in Attacks, CISA Warns Defenders

The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory highlighting a sharp increase in the use of publicly available hacking toolkits across global cyber incidents. The agency cataloged several widely seen packages—including ransomware builders, credential‑dumping utilities, and automated exploitation frameworks—and noted that threat actors are increasingly

Critical SolarWinds Web Help Desk Flaw Actively Exploited, Remote Code Execution Possible

Critical SolarWinds Web Help Desk Flaw Actively Exploited, Remote Code Execution Possible

A remote code execution vulnerability (CVE‑2024‑XXXX) has been discovered in SolarWinds Web Help Desk and is now being leveraged by threat actors in the wild. The flaw resides in the application’s API endpoint, allowing unauthenticated attackers to inject malicious payloads that execute arbitrary code on the underlying

Amaranth‑Dragon Weaponizes CVE‑2025‑8088 in Southeast Asian Espionage Surge

Amaranth‑Dragon Weaponizes CVE‑2025‑8088 in Southeast Asian Espionage Surge

Check Point researchers have traced a new wave of activity to the Amaranth‑Dragon threat group, a known offshoot of APT‑41. The actors are exploiting the freshly disclosed CVE‑2025‑8088 flaw in a widely deployed enterprise software suite to gain initial footholds across government agencies and private‑sector