Cybereason Blog

ID: cb3ac1f4-f16e-5b02-9073-dad1bf8e3b41

STIX ID: identity--cb3ac1f4-f16e-5b02-9073-dad1bf8e3b41

Feed Type: rss

Earliest post: 2023-12-11

Latest post: 2026-02-05

Threat research, attack analysis, and security insights from the Cybereason research team — covering real-world incidents, adversary tactics, detection methods, and defensive strategies.

Exclude posts that do not describe a security incident

Classification

Min Pub Date

01/01/2020

Max Pub Date

05/29/2026

Title	Date Published ↓	Describes Incident	Author	Visible
Cybereason TTP Briefing Q4 2025: Diverse Phishing Tactics and RATs on the Rise	2026-02-05	True	Cybereason Consulting Team	True
Fake Installer: Ultimately, ValleyRAT infection	2026-02-03	True	Cybereason Security Services Team	True
CVE-2025-55182: Critical Vulnerability, React2Shell, Allows for Unauthenticated RCE	2025-12-05	True	Cybereason Consulting Team	True
License to Encrypt: “The Gentlemen” Make Their Move	2025-11-18	True	Cybereason Security Services Team	True
Tycoon 2FA Phishing Kit Analysis	2025-11-03	True	Cybereason Security Services Team	True
From Scripts to Systems: A Comprehensive Look at Tangerine Turkey Operations	2025-10-29	True	Cybereason Security Services Team	True
Cybereason TTP Briefing Q3 2025: LOLBINs and CVE Exploits Dominate	2025-10-23	True	Cybereason Consulting Team	True
Addressing CL0P Extortion Campaign Targeting Oracle EBS CVE-2025-61882	2025-10-05	True	Cybereason Consulting Team	True
Behind the Mask of Madgicx Plus: A Chrome Extension Campaign Targeting Meta Advertisers	2025-09-09	True	Cybereason Security Services Team	True
CVE-2025-53770 & CVE-2025-53771: Critical On-Prem SharePoint Vulnerabilities	2025-07-22	True	Cybereason Consulting Team	True
BlackSuit: A Hybrid Approach with Data Exfiltration and Encryption	2025-07-11	True	Cybereason Security Services Team	True
Deploying NetSupport RAT via WordPress & ClickFix	2025-07-07	True	Cybereason Security Services Team	True
Introducing the Cybereason TTP Briefing: Frontline Threat Intelligence Insights	2025-06-29	True	Cybereason Consulting Team	True
Ransomware Gangs Collapse as Qilin Seizes Control	2025-06-17	True	Cybereason Security Services Team	True
Copyright Phishing Lures Leading to Rhadamanthys Stealer Now Targeting Europe	2025-05-21	True	Cybereason Security Services Team	True
Genesis Market - Malicious Browser Extension	2025-05-21	True	Cybereason Security Services Team	True
CVE-2025-32433: Unauthenticated RCE Vulnerability in Erlang/OTP’s SSH Implementation	2025-04-20	True	Cybereason Consulting Team	True
From Shadow to Spotlight: The Evolution of LummaStealer and Its Hidden Secrets	2025-04-11	True	Cybereason Security Services Team	True
The Curious Case of PlayBoy Locker	2025-03-25	True	Cybereason Security Services Team	True
Three Zero-Day Vulnerabilities Discovered in VMware Products	2025-03-05	True	Cybereason Consulting Team	True
Phorpiex - Downloader Delivering Ransomware	2025-01-28	True	Cybereason Security Services Team	True
CVE-2025-23006: Critical Vulnerability Discovered in SonicWall SMA 1000 Series	2025-01-24	True	Cybereason Consulting Team	True
CVE-2024-55956: Zero-Day Vulnerability in Cleo Software Could Lead to Data Theft	2024-12-17	True	Cybereason Consulting Team	True
Your Data Is Under New Lummanagement: The Rise of LummaStealer	2024-12-17	True	Cybereason Security Services Team	True
Stellar Discovery of A New Cluster of Andromeda/Gamarue C2	2024-12-03	True	Cybereason Security Services Team	True
THREAT ANALYSIS: Beast Ransomware	2024-10-18	True	Cybereason Security Services Team	True
CUCKOO SPEAR Part 2: Threat Actor Arsenal	2024-10-04	True	Cybereason Security Services Team	True
CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective	2024-09-13	True	Cybereason Security Services Team	True
Cuckoo Spear – the latest Nation-state Threat Actor targeting Japanese companies	2024-07-25	True	Cybereason Security Services Team	True
Hardening of HardBit	2024-07-10	True	Cybereason Security Services Team	True
I am Goot (Loader)	2024-06-25	True	Cybereason Security Services Team	True
Malicious Life Podcast: What Happened at Uber?	2024-06-11	True	Malicious Life Podcast	True
THREAT ALERT: The XZ Backdoor - Supply Chaining Into Your SSH	2024-05-29	True	Cybereason Security Services Team	True
Behind Closed Doors: The Rise of Hidden Malicious Remote Access	2024-05-06	True	Cybereason Security Services Team	True
Threat Alert: The Anydesk Breach Aftermath	2024-03-22	True	Cybereason Security Services Team	True
Beware of the Messengers, Exploiting ActiveMQ Vulnerability	2024-03-13	True	Cybereason Security Services Team	True
Unboxing Snake - Python Infostealer Lurking Through Messaging Services	2024-03-05	True	Cybereason Security Services Team	True
From Cracked to Hacked: Malware Spread via YouTube Videos	2024-02-12	True	Cybereason Security Services Team	True
THREAT ALERT: Ivanti Connect Secure VPN Zero-Day Exploitation	2024-02-06	True	Cybereason Security Services Team	True
THREAT ALERT: DarkGate Loader	2024-01-29	True	Cybereason Security Services Team	True
Malicious Life Podcast: The Mariposa Botnet	2024-01-22	True	Malicious Life Podcast	True
Malicious Life Podcast: The Real Story of Citibank’s $10M Hack	2024-01-09	True	Malicious Life Podcast	True
Malicious Life Podcast: How to Hack Into Satellites	2023-12-27	True	Malicious Life Podcast	True
THREAT ALERT: CITRIXBLEED (CVE-2023-4966)	2023-12-18	True	Cybereason Security Services Team	True
Malicious Life Podcast: Moonlight Maze	2023-12-11	True	Malicious Life Podcast	True