logo

CloudSEK Blog

ID: b5e5ee66-805b-57ee-98ef-1f82f724f068

STIX ID: identity--b5e5ee66-805b-57ee-98ef-1f82f724f068

Feed Type: rss

Earliest post: 2020-07-23

Latest post: 2026-06-23

Brief blog entries by the CloudSEK Team about new and emerging cyber threats, vulnerabilities, and attack vectors so that organizations can stay ahead of the latest threats.

01/01/2020
07/14/2026
Title Date Published Describes IncidentAuthorVisible
THE 5060 SIEGE - Industrialized Attacks Against the SIP Telephony Ecosystem2026-06-23TrueTrue
Inside the FortiBleed Open Directory: A Technical Analysis of What the Attacker Left Behind2026-06-19TrueTrue
Operation Escaneo: Infrastructure Exposure, TTP Analysis, and Attribution Assessment of an Advanced Intrusion Campaign Against Mexican Federal Agencies and Financial Institutions2026-06-17TrueTrue
Bluekit Phishing as a Service (PhaaS)2026-06-17TrueTrue
Chinese Origin Threat Actors Target FIFA World Cup 20262026-06-11TrueTrue
Inside a WooCommerce Payment Skimmer: How Carders Moved From Phishing Pages to Checkout Backdoors2026-06-10TrueTrue
How an Unauthenticated MCP Server Led to SSRF, LFI, and AWS Credential Theft2026-06-02TrueTrue
RedSun: Windows 0day when Defender becomes the attacker2026-04-17TrueTrue
Kitten Had the Map all Along : RAISING GCC TENSIONS & THE PRE-POSITIONING MAP2026-04-09TrueTrue
Hardcoded Google API Keys in Top Android Apps Now Expose Gemini AI2026-04-07TrueTrue
Large Scale Traffic Brokerage Campaign using Fake Lures targeting Global Brands Across Multiple Regions2026-04-07TrueTrue
The Scanner Was the Weapon: 36 Months of Precision Supply Chain Attacks Against DevSecOps Infrastructure2026-04-01TrueTrue
p6.arpa Wildcard Abuse: Hunting Phishing Infrastructure Across IPv6 Prefixes2026-03-25TrueTrue
Honey for Hackers: A Study of Attacks Targeting the Recent CVE-2026-21962 and Other Critical WebLogic Vulnerabilities on a High Interactive Oracle Honeypot2026-03-25TrueTrue
ip6.arpa Wildcard Abuse: Hunting Phishing Infrastructure Across IPv6 Prefixes2026-03-25TrueTrue
MacSync Stealer: SEO Poisoning and ClickFix-Based macOS Malware Delivery Chain2026-03-18TrueTrue
Opportunistic threat actors using Ramadan coupon as a lure to target retail store customers in Middle East2026-03-18TrueTrue
Weaponizing LSPosed: Remote SMS Injection and Identity Spoofing in Modern Payment Ecosystems2026-03-17TrueTrue
Southeast Asia Region-specific Iran-israel war Threat Intelligence2026-03-16TrueTrue
Weaponizing LSPosed: Remote SMS Injection and Identity Spoofing in Modern Payment Ecosystems2026-03-11TrueTrue
AI, the Iran-US Conflict, and the Threat to US Critical Infrastructure2026-03-06TrueTrue
A Threat Actor Landscape Assessment of ICS/OT Targeting in the 2026 Iran-US Conflict AND THE SCALE OF THE RISK2026-03-05TrueTrue
RedAlert Trojan Campaign: Fake Emergency Alert App Spread via SMS Spoofing Israeli Home Front Command2026-03-03TrueTrue
Situation Report: Middle East Escalation (February 27–1st March, 2026)2026-03-02TrueTrue
Inside Gunra RaaS: From Affiliate Recruitment on the Dark Web to Full Technical Dissection of their Locker2026-02-11TrueTrue
The Hidden Backdoor to 200 Airports: A Supply Chain Failure in Aviation2026-02-04TrueTrue
Cross-Border Cryptocurrency Investment Scam Leveraging Social Messaging Channels and Fake Regulatory Credentials2026-02-02TrueTrue
Pivoting From PayTool: Tracking Various Frauds and E-Crime Targeting Canada2026-01-27TrueTrue
Inside MacSync's Script-Driven Stealer and Hardware Wallet App Trojanization2026-01-21TrueTrue
HUMINT Operations Uncover Cryptojacking Campaign: Discord-Based Distribution of Clipboard Hijacking Malware Targeting Cryptocurrency Communities2026-01-15TrueTrue
Reborn in Rust: MuddyWater Evolves Tooling with RustyWater Implant2026-01-08TrueTrue
RondoDoX Botnet Weaponizes React2Shell2025-12-29TrueTrue
Silver Fox Targeting India Using Tax Themed Phishing Lures2025-12-24TrueTrue
CloudSEK Detects Over 2,000 Holiday-Themed Fake Stores Exploiting Black Friday and Festive Sales2025-11-27TrueTrue
The COM: Anatomy of an English-Speaking Cybercriminal Ecosystem And The Origins of Scattered Lapsus$ Hunters 2025-11-11TrueTrue
An Insider Look At The IRGC-linked APT35 Operations: Ep3 - Malware Arsenal & Tooling2025-10-14TrueTrue
An Insider Look At The IRGC-linked APT35 Operations: Ep1 & Ep22025-10-07TrueTrue
Threat Actors Impersonate Microsoft Teams To Deliver Odyssey macOS Stealer Via Clickfix2025-09-05TrueTrue
Phishing the Supply Chain: Is Your Vendor Email Security an Invitation for Threat Actors?2025-09-04TrueTrue
Racing Into Danger: Advanced Cyber Threats Targeting Formula 1 Fans and Teams Ahead of the Dutch Grand Prix2025-08-31TrueTrue
The Price of Trust: Analyzing the Malware Campaign Exploiting TASPEN's Legacy to Target Indonesian Senior Citizens2025-08-27TrueTrue
Trusted My Summarizer, Now My Fridge Is Encrypted — How Threat Actors Could Weaponize AI Summarizers with CSS-Based ClickFix Attacks2025-08-25TrueTrue
Investigation Report: APT36 Malware Campaign Using Desktop Entry Files and Google Drive Payload Deliver2025-08-21TrueTrue
The Ghost in the Machine: The Complete Dossier on TA-NATALSTATUS and the Cryptojacking Turf War2025-08-21TrueTrue
Cybersecurity in Focus: Recent Threats Targeting India Amid Independence Day Celebrations2025-08-14TrueTrue
From One File to Full Exposure: Vendor’s .git File Leaks Source Code, Secrets, and Over 1 Million PII Records of Automotive Giants2025-08-14TrueTrue
Deepfakes and Unkept Promises lead to Financial Fraud on Social Media, targeting the General Public 2025-07-29TrueTrue
Cybersecurity Scams Targeting Fans and Teams at the 2025 Belgian Grand Prix2025-07-28TrueTrue
Threat Actors Lure Victims Into Downloading .HTA Files Using ClickFix To Spread Epsilon Red Ransomware2025-07-25TrueTrue
Beyond the Breach: Cutting Through Noise to Focus on Real Threats 2025-07-09TrueTrue

1–50 of 193