Estimated reading time: 3 minutes
CVE-2025-24813: Remote Code Execution in Apache Tomcat via Malicious Session Deserialization Apache Tomcat is a popular, open-source web server and servlet container maintained by the Apache Software Foundation. It provides a reliable and scalable environment for executing Java Servlets...
Estimated reading time: 8 minutes
Kimsuky: A Continuous Threat to South Korea with Deceptive Tactics Contents Introduction Infection Chain Initial Findings Campaign 1 Looking into PDF document. Campaign 2 Looking into PDF document. Technical Analysis Campaign 1 & 2 Conclusion Seqrite Protection MITRE ATT&CK...Estimated reading time: 10 minutes
Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs. Contents Introduction Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Looking into the decoy-document Technical Analysis Stage 1 – Malicious RAR File Stage 2 –...
Estimated reading time: 6 minutes
SnakeKeylogger – A Multistage Info Stealer Malware Campaign Info-stealer malware has become a growing threat, with attackers constantly refining their techniques to evade detection. Among these threats, SnakeKeylogger has emerged as one of the highly active credential-stealing malware, targeting...
Estimated reading time: 6 minutes
The Rising Threat of QR Code-Driven Phishing Schemes A new kind of cyberattack has emerged in recent years as a result of QR codes’ popularity as a quick and easy way to share information. Businesses are increasingly at risk...
Estimated reading time: 7 minutes
New Steganographic Campaign Distributing Multiple Malware Recently we have observed multiple stealer malware such as Remcos, DcRAT,AgentTesla, VIPKeyLogger, etc. distributed through a steganographic campaign. On tracing the roots, the campaign has been around for a while but has not...
Estimated reading time: 3 minutes
Beyond Passwords: Is Your System Truly Secure? The cybersecurity landscape is constantly evolving, with traditional methods of securing user accounts—such as passwords—proving increasingly inadequate against the growing sophistication of cyberattacks. In response, authentication systems that go Beyond Passwords, i.e.,...
Estimated reading time: 6 minutes
Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell Introduction: We recently identified a new malware campaign using fake CAPTCHA pages to deliver Lumma Stealer, an infostealer operating under the malware-as-a-service (MaaS) model, first discovered in 2022. In...
Estimated reading time: 10 minutes
XELERA Ransomware Campaign: Fake Food Corporation of India Job Offers Targeting Tech Aspirants Table of Contents Introduction Initial Findings. Infection Chain. Technical Analysis. Initial Infection – Malicious Document. Second Stage – Malicious PyInstaller Executable. Final Stage – Malicious Python...
Estimated reading time: 4 minutes
Exposed SMB: The Hidden Risk Behind ‘WantToCry’ Ransomware Attacks Introduction In today’s digital landscape, ransomware attacks are evolving at an alarming rate, leveraging overlooked vulnerabilities to infiltrate systems. One such weakness is misconfigured Server Message Block (SMB) services, which...