Category: VendorResearch

New threat actor, UAT-9921, leverages VoidLink framework in campaigns
08
Mar
2026

New threat actor, UAT-9921, leverages VoidLink framework in campaigns

Cisco Talos recently discovered a new threat actor, UAT-9921, leveraging VoidLink in campaigns. Their activities may go as far back…

Share: X : New threat actor, UAT-9921, leverages VoidLink framework in campaignsFacebook : New threat actor, UAT-9921, leverages VoidLink framework in campaignsLinkedin : New threat actor, UAT-9921, leverages VoidLink framework in campaignsReddit : New threat actor, UAT-9921, leverages VoidLink framework in campaignsTelegram : New threat actor, UAT-9921, leverages VoidLink framework in campaignsWhatsApp : New threat actor, UAT-9921, leverages VoidLink framework in campaignsEmail : New threat actor, UAT-9921, leverages VoidLink framework in campaigns
Fuzzing a single thread to uncover vulnerabilities
08
Mar
2026

Fuzzing a single thread to uncover vulnerabilities

A Cisco Talos researcher worked around the limitations of hardware-level Code Read-out Protection (RDP) on the Socomec DIRIS M-70 gateway by pivoting…

Share: X : Fuzzing a single thread to uncover vulnerabilitiesFacebook : Fuzzing a single thread to uncover vulnerabilitiesLinkedin : Fuzzing a single thread to uncover vulnerabilitiesReddit : Fuzzing a single thread to uncover vulnerabilitiesTelegram : Fuzzing a single thread to uncover vulnerabilitiesWhatsApp : Fuzzing a single thread to uncover vulnerabilitiesEmail : Fuzzing a single thread to uncover vulnerabilities
Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on Israel
08
Mar
2026

Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on Israel

October 7: Hamas attacks Israel In the midst of the Israel-Hamas War, which erupted with a surprising and devastating attack…

Share: X : Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on IsraelFacebook : Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on IsraelLinkedin : Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on IsraelReddit : Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on IsraelTelegram : Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on IsraelWhatsApp : Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on IsraelEmail : Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on Israel
Threat modeling AI applications | Microsoft Security Blog
08
Mar
2026

Threat modeling AI applications | Microsoft Security Blog

Proactively identifying, assessing, and addressing risk in AI systems We cannot anticipate every misuse or emergent behavior in AI systems….

Share: X : Threat modeling AI applications | Microsoft Security BlogFacebook : Threat modeling AI applications | Microsoft Security BlogLinkedin : Threat modeling AI applications | Microsoft Security BlogReddit : Threat modeling AI applications | Microsoft Security BlogTelegram : Threat modeling AI applications | Microsoft Security BlogWhatsApp : Threat modeling AI applications | Microsoft Security BlogEmail : Threat modeling AI applications | Microsoft Security Blog
Malicious AI Assistant Extensions Harvest LLM Chat Histories
08
Mar
2026

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Microsoft Defender has been investigating reports of malicious Chromium‑based browser extensions that impersonate legitimate AI assistant tools to harvest LLM…

Share: X : Malicious AI Assistant Extensions Harvest LLM Chat HistoriesFacebook : Malicious AI Assistant Extensions Harvest LLM Chat HistoriesLinkedin : Malicious AI Assistant Extensions Harvest LLM Chat HistoriesReddit : Malicious AI Assistant Extensions Harvest LLM Chat HistoriesTelegram : Malicious AI Assistant Extensions Harvest LLM Chat HistoriesWhatsApp : Malicious AI Assistant Extensions Harvest LLM Chat HistoriesEmail : Malicious AI Assistant Extensions Harvest LLM Chat Histories
New Dohdoor malware campaign targets education and health care
08
Mar
2026

New Dohdoor malware campaign targets education and health care

Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed…

Share: X : New Dohdoor malware campaign targets education and health careFacebook : New Dohdoor malware campaign targets education and health careLinkedin : New Dohdoor malware campaign targets education and health careReddit : New Dohdoor malware campaign targets education and health careTelegram : New Dohdoor malware campaign targets education and health careWhatsApp : New Dohdoor malware campaign targets education and health careEmail : New Dohdoor malware campaign targets education and health care
Matt Kapko
08
Mar
2026

Global coalition dismantles Tycoon 2FA phishing kit

Tycoon 2FA, a major phishing kit and platform that allowed low-skilled cybercriminals to bypass multifactor authentication and conduct large-scale adversary-in-the-middle…

Share: X : Global coalition dismantles Tycoon 2FA phishing kitFacebook : Global coalition dismantles Tycoon 2FA phishing kitLinkedin : Global coalition dismantles Tycoon 2FA phishing kitReddit : Global coalition dismantles Tycoon 2FA phishing kitTelegram : Global coalition dismantles Tycoon 2FA phishing kitWhatsApp : Global coalition dismantles Tycoon 2FA phishing kitEmail : Global coalition dismantles Tycoon 2FA phishing kit
VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun
08
Mar
2026

VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun

Key Points Check Point Research (CPR) believes a new era of AI-generated malware has begun. VoidLink stands as the first…

Share: X : VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has BegunFacebook : VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has BegunLinkedin : VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has BegunReddit : VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has BegunTelegram : VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has BegunWhatsApp : VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has BegunEmail : VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun
Flashpoint’s Threat Intelligence Capability Assessment
08
Mar
2026

Flashpoint’s Threat Intelligence Capability Assessment

Many organizations today have some form of threat intelligence. Far fewer have a threat intelligence function that is structured, measurable,…

Share: X : Flashpoint’s Threat Intelligence Capability AssessmentFacebook : Flashpoint’s Threat Intelligence Capability AssessmentLinkedin : Flashpoint’s Threat Intelligence Capability AssessmentReddit : Flashpoint’s Threat Intelligence Capability AssessmentTelegram : Flashpoint’s Threat Intelligence Capability AssessmentWhatsApp : Flashpoint’s Threat Intelligence Capability AssessmentEmail : Flashpoint’s Threat Intelligence Capability Assessment
Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle East
08
Mar
2026

Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle East

Key Findings During the ongoing conflict, we identified intensified targeting of IP cameras from two manufacturers starting on February 28,…

Share: X : Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle EastFacebook : Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle EastLinkedin : Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle EastReddit : Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle EastTelegram : Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle EastWhatsApp : Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle EastEmail : Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle East
Patch, track, repeat: The 2025 CVE retrospective
08
Mar
2026

Patch, track, repeat: The 2025 CVE retrospective

Welcome to this week’s edition of the Threat Source newsletter. It’s time to look back at a year that pushed the…

Share: X : Patch, track, repeat: The 2025 CVE retrospectiveFacebook : Patch, track, repeat: The 2025 CVE retrospectiveLinkedin : Patch, track, repeat: The 2025 CVE retrospectiveReddit : Patch, track, repeat: The 2025 CVE retrospectiveTelegram : Patch, track, repeat: The 2025 CVE retrospectiveWhatsApp : Patch, track, repeat: The 2025 CVE retrospectiveEmail : Patch, track, repeat: The 2025 CVE retrospective
The image shows a settings window for MMXPAGER TAP/SMS configuration. It includes checkboxes and fields for enabling TAP log file, TAP and SMS dialogs, acknowledgments, ANSI Modem, and SMS Unicode. There are input fields for SNPP server host name, port (set to 444), SNPP protocol level, pin, and password. There's also a dropdown menu option to allow shutdown.
08
Mar
2026

Privileged File System Vulnerability Present in a SCADA System

Executive Summary This report details a vulnerability we found in the Iconics Suite, tracked as CVE-2025-0921 with a Medium CVSS…

Share: X : Privileged File System Vulnerability Present in a SCADA SystemFacebook : Privileged File System Vulnerability Present in a SCADA SystemLinkedin : Privileged File System Vulnerability Present in a SCADA SystemReddit : Privileged File System Vulnerability Present in a SCADA SystemTelegram : Privileged File System Vulnerability Present in a SCADA SystemWhatsApp : Privileged File System Vulnerability Present in a SCADA SystemEmail : Privileged File System Vulnerability Present in a SCADA System