threat actors

Threat actors have escalated their tactics by exploiting the Microsoft 365 Direct Send feature, fundamentally altering the landscape of email-based cyber attacks. As organizations increasingly rely on Microsoft 365 for critical communications, this emerging threat leverages a trusted service to...

Visual Studio Code continues to stand at the forefront of code editors, serving millions of developers globally with its flexibility, open-source nature, and strong ecosystem of extensions. However, its popularity and reach make it a prime target for security researchers and threat actors alike...

Threat actors are increasingly leveraging vulnerabilities in both Windows and Linux server environments to deploy web shells and sophisticated malware, perpetuating an alarming trend in the threat landscape that puts organizational networks at heightened risk. Over the past several months...

June 2025's Patch Tuesday brought a sense of urgency back to the Windows security community, as Microsoft addressed a suite of 67 new vulnerabilities—among them, two zero-day exploits and multiple high-profile threats targeting legacy protocols and modern productivity tools. As enterprises and...

June’s Patch Tuesday has become a pivotal moment for Windows system administrators, threat researchers, and IT professionals alike. Microsoft’s June 2025 security update underlines why: it delivers patches for a total of 67 vulnerabilities, including two actively exploited zero-days and eight...

Every cyber incident headline seems to ping-pong between shifting brands: Cozy Bear, Midnight Blizzard, APT29, UNC2452, Voodoo Bear—names that sound like the roll call from a hacker-themed comic, not the carefully curated codenames for state-sponsored threat actors plaguing the digital world. If...

The rapid evolution of cybercrime has brought forth a new era of sophisticated phishing operations, with attackers now leveraging complex “Phishing-as-a-Service” (PhaaS) platforms to target lucrative enterprise networks. One such operation, identified in research as Storm-1575 and more widely...

In the ever-evolving landscape of cybersecurity threats, Pure Crypter has emerged as a formidable malware-as-a-service (MaaS) loader, adept at circumventing the latest security enhancements in Windows 11 24H2. This sophisticated tool has become a linchpin for threat actors deploying information...

The emergence of Void Blizzard—a newly identified, Russian-affiliated threat actor—has sent ripples of concern through cybersecurity communities, government agencies, and critical infrastructure operators worldwide. According to detailed findings published by Microsoft Threat Intelligence, Void...

Industrial Control System (ICS) advisories released by authoritative agencies such as CISA (the Cybersecurity and Infrastructure Security Agency) continue to shape the global conversation on critical infrastructure security. The latest burst of advisories—including the recently referenced but...

In a fast-evolving digital threat landscape, even the most fundamental and trusted layers of operating system architecture can become primary targets. This reality has been thrust into the spotlight yet again by the discovery and subsequent analysis of the Windows Update Stack...

Microsoft 365 account holders, it’s time to clutch your credentials like your last stick of office coffee—hackers have orchestrated another clever plot, this time through everyone’s favorite messaging apps. If you thought WhatsApp and Signal were just for family chats and cryptic office banter...

Every time the cybersecurity community thinks they’re getting ahead of attackers, someone comes along and turns a trusted workflow into a digital bear trap. That’s exactly what’s unfolding in the latest campaign orchestrated by Russian threat actors who are gleefully exploiting legitimate...

In a recent development, Russian threat actors identified as UTA0352 and UTA0355 have been targeting Ukraine-linked nongovernmental organizations (NGOs) by exploiting the OAuth protocol to compromise Microsoft 365 accounts. The Mechanics of the Attack The attackers initiated their campaign with...

They say trust is the cornerstone of any relationship—especially if that relationship is between you, the internet, and a determined Russian adversary with a penchant for phishy invitations and suspicious requests for OAuth codes. Phishing in the OAuth Era: New Tricks for Old Hackers When we...

We live in an era where simply clicking a video call link could lead to the digital equivalent of inviting a burglar in for tea—and hackers are getting increasingly creative with their invitations, especially when it comes to Microsoft 365 access. The Evolving Art of Social Engineering (or: Why...

Inside the New Wave of Cyberattacks Exploiting Microsoft Teams to Infect Windows PCs Microsoft Teams has become indispensable in modern workplaces, a hub for collaboration and communication. Yet, this very platform trusted by millions has transformed into a battleground where hackers wage...

Hackers Exploit Windows MMC Zero-Day to Execute Malicious Code A new cybersecurity scare is unsettling the Windows community. A recently uncovered zero-day vulnerability in the Microsoft Management Console (MMC) — tracked as CVE-2025-26633 — is being actively exploited by a sophisticated...

Microsoft has pulled back the curtain on an intricate cybercrime scheme involving generative AI services—a revelation that underscores the growing risks at the intersection of artificial intelligence and cyber security. In a bold move on February 28, 2025, Microsoft publicly identified and...

In today’s rapidly evolving cybersecurity landscape, even the most trusted platforms can become targets for sophisticated attacks. Recent research from Volexity, as featured on the KnowBe4 Blog, has revealed that Russian threat actors—among them the notorious SVR-linked Cozy Bear—are leveraging...