ESET APT Activity Report Q2 2025–Q3 2025
ESET Research Threat Reports An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2025 and Q3 2025…
Author: Cybernoz
Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained
Overview For executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform deployment capability targeting mission-critical virtualization…
Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations
Exploitation required only the target agent’s subdomain, which Enclave described as predictable and enumerable, and roughly 15 lines of Python. Third-party trackers identified the affected…
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
On Monday Valsorda finally channelled years’ worth of frustration fueled by the widely held misunderstanding into a blog post titled Quantum Computers Are Not a…
Darktrace identifies ZionSiphon malware engineered for OT disruption in Israeli water sector environments
Researchers from Darktrace detailed a malware strain dubbed ZionSiphon, highlighting a piece of OT (operational technology)-focused malware designed to target Israeli water treatment and desalination…
Vect formalizes BreachForums and TeamPCP alliance to push model for industrialized ransomware, scale RaaS operations
New data from Dataminr identified that ransomware group Vect operationalized a formal partnership with BreachForums cybercrime marketplace and TeamPCP hacking group. Vect’s move lowers the…
Uptick in Bomgar RMM Exploitation
Acknowledgments: Special thanks to Olly Maxwell, Josh Kiriakoff, Jordan Sexton, Ryan Dowd, Jamie Dumas, Amelia Casley, Austin Worline, and Lindsey O’Donnell-Welch for their contributions to…
Stopping Fraud at Each Stage of the Customer Journey Without Adding Friction
Fraud prevention and user experience have long been treated as opposing forces: tighten security, and you risk alienating legitimate customers; loosen it, and you open…
Hackers Abuse GitHub Issue Notifications to Phish Developers Through Malicious OAuth Apps
Cybersecurity researchers have uncovered a sophisticated phishing technique that targets software developers by abusing GitHub’s own notification system to deliver malicious OAuth app authorization requests.…
They Built a Legendary Privacy Tool. Now They’re Sworn Enemies
It’s difficult to find much information about Daniel Micay online. Google him and you’ll turn up an impersonal X account and a barren LinkedIn page,…
AI-Powered NGate Malware Evades Detection Inside NFC Payment Apps
A new NGate malware variant that hides inside a trojanized version of HandyPay, a legitimate NFC payment relay app for Android, to steal card data…
The worrying gap in industry threat intelligence – and how to solve it
The past year has seen cyber criminals attacking a range of targets, from International airports, to brewery chains to childcare institutions. It is increasingly clear…