Skip to content
Latest
Jscrambler npm Compromise Shows Build Pipelines Need Runtime ControlsGhost Phishing Shows Why Email Security Must Follow the BrowserPakistani Police Intrusions Show Why Public-Sector Data Systems Are Strategic TargetsBad Epoll Shows Linux Kernel LPEs Belong in the Patch Priority QueueFake Payment SDKs Show Why Dependency Risk Is Credential RiskCritical UniFi Flaws Put Network Control Planes Back in the Patch QueueVidar Stealer Campaign Shows Why File Size and Fake Signatures Still Beat Weak ControlsADFS Signing Keys Show Why Federation Servers Are Tier-Zero Identity InfrastructureUAT-7810 Shows Edge Devices Are Becoming China-Nexus Relay InfrastructureFortiBleed Shows Firewall Credentials Are Ransomware FuelNetNut and Popa Takedown Shows Residential Proxies Are Now Attack InfrastructureVect and TeamPCP Show Supply-Chain Credentials Are Ransomware FuelOusaban Shows Banking Trojans Are Learning to Hide From SandboxesNUT upsmon Command Injection Shows UPS Monitoring Belongs in the Patch Queue

Category Archive

Business

15 reports · All intelligence

Bulwark Black cyber threat intelligence filed under Business.

Business
Business·

Hormuz Crisis Investment Report

2026 Hormuz Crisis — Investment Strategy Report BRENT CRUDE $101.91 ▲3.47% WTI CRUDE $98.50 ▲3.12% GOLD $4,750 ▼0.72% XLE +25% YTD XOP +30% YTD BWET +411% Q1 2026 S&P 500 -4.4% YTD 10-YR YIELD 4.46% HORMUZ STATUS BLOCKADE ACTIVE IEA: LARGEST SUPPLY DISRUPTION IN HISTORY BRENT CRU

Business
Identity Security Becomes Critical Attack Vector as Organizations Battle Fragmented Access Controls
Business·

Identity Security Becomes Critical Attack Vector as Organizations Battle Fragmented Access Controls

Identity attacks have evolved beyond simply compromising individual accounts—modern threat actors now focus on what those identities can access across an organization’s sprawling digital ecosystem. As enterprises manage an explosive growth in human, non-human, and agentic identit

Business
Google Patches Two Actively Exploited Chrome Zero-Days: CVE-2026-3909 and CVE-2026-3910
Business·

Google Patches Two Actively Exploited Chrome Zero-Days: CVE-2026-3909 and CVE-2026-3910

Google has released emergency security updates to fix two high-severity vulnerabilities in Chrome that are being actively exploited in the wild. These are the second and third Chrome zero-days patched in 2026, highlighting the continued targeting of browser vulnerabilities by thr

Business
Business·

CISA Confirms VMware ESXi Flaw CVE-2025-22225 Now Exploited in Active Ransomware Campaigns

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to confirm that CVE-2025-22225, a high-severity VMware ESXi sandbox escape vulnerability, is now being actively exploited in ransomware attacks. The Vuln

Business
Aisuru Botnet Shatters Records with 31.4 Tbps DDoS Attack
Business·

Aisuru Botnet Shatters Records with 31.4 Tbps DDoS Attack

The Aisuru/Kimwolf botnet launched the largest DDoS attack ever publicly disclosed, peaking at 31.4 Tbps and 200 million requests per second in Cloudflare’s ‘Night Before Christmas’ campaign.

Business
Match Group Data Breach Exposes User Information from Tinder, Hinge, and OkCupid
Business·

Match Group Data Breach Exposes User Information from Tinder, Hinge, and OkCupid

Match Group confirms cybersecurity incident after ShinyHunters voice phishing campaign compromises SSO account, exposing data from popular dating apps including Tinder, Hinge, OkCupid, and Match.com.

Business
Business·

16 Malicious Chrome Extensions Steal ChatGPT Session Tokens

Security researchers discovered 16 malicious browser extensions claiming to enhance ChatGPT that actually steal session tokens, giving attackers full access to accounts and conversation history.

Business
Business·

Google Disrupts World’s Largest Residential Proxy Botnet

Google Threat Intelligence Group disrupts IPIDEA, the world’s largest residential proxy network, used by 550+ threat groups including nation-state actors from China, Russia, Iran, and North Korea.

Becoming Self Sufficient
Complete Guide: Setting Up FreePBX with VPS, Docker, and VPN (CGNAT Bypass Solution)
Becoming Self Sufficient·

Complete Guide: Setting Up FreePBX with VPS, Docker, and VPN (CGNAT Bypass Solution)

Complete FreePBX Setup Guide – Docker, VPN, and Twilio Integration Requirements / Setup Digital Ocean or whatever cloud provider you choose Docker (FreePBX) Nginx Setup OVPN Configuration IP Tables Setup YeaLink Phone configuration, the (YeaLinkT45w) was used in this tutorial Twi

Business
How to communicate a cyber breach to minimize reputational damage
Business·

How to communicate a cyber breach to minimize reputational damage

READ ARTICLE Sarah Woodhouse, Director of AMBITIOUS, explains how businesses must communicate a cyber breach in order to remain trustworthy and minimise damage. A cyber breach occurs roughly once every 39 seconds. With businesses as targets for their data, it’s not a case of if b

Business
How to Leverage Internal Proxies for Lateral Movement, Firewall Evasion, and Trust Exploitation
Business·

How to Leverage Internal Proxies for Lateral Movement, Firewall Evasion, and Trust Exploitation

Business
Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike
Business·

Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike

Read Article The ability to quickly build out a C2 infrastructure within a few minutes, including all the set up and tear down logic included would be a great asset for any offensive security group or operator. In this post, I will show exactly how to build a fully automated func

Business
Review: Engineering-grade OT security: A manager’s guide
Business·

Review: Engineering-grade OT security: A manager’s guide

Business
The Underground Economist: Volume 4, Issue 1
Business·

The Underground Economist: Volume 4, Issue 1

https://www.zerofox.com/blog/the-underground-economist-volume-4-issue-1/ On December 27, 2023, threat actor “APTlord” announced on the dark web forum RAMP that they were selling source code and other information owned by marinetraffic[.]com, which was allegedly obtained by the th

Business
Red Pandas Unleashed: How Webhooks, Bad USB, and WiFi Collide in Cyberspace
Business·

Red Pandas Unleashed: How Webhooks, Bad USB, and WiFi Collide in Cyberspace

Read Article The Power of Automation for Pentesting Automation has become a game-changer in the world of penetration testing. With the ever-increasing complexity of networks and systems, manually tracking and responding to security events is no longer viable. This is where webhoo