When a large-scale service goes offline — as has happened with Amazon Web Services (AWS) — the first reaction is almost always the same: “Are we under attack?” In this case, however, the reality may…
21 October 2025
In recent weeks, we have seen a wave of reports about the so-called “receipt scam”: recovered or photographed ATM/POS receipts become the starting point for social engineering attacks that lead to accounts being emptied or…
14 October 2025
Cyberoo I-SOC identified an advertisement on a cybercriminal forum for a possible pre-auth exploit for Cisco Firewall Management Center that would allow arbitrary commands to be executed as root on Linux virtual appliances. The author…
8 October 2025
In recent years, the criminal ransomware market has been based on a reproducible model: pre-packaged kits, payment infrastructures, and affiliates that run campaigns (RaaS). The emergence of local AI tools changes the attack surface: PromptLock,…
23 September 2025
Smart mobility is one of the pillars of the energy transition. Charging stations, electric vehicles and cloud management platforms create a distributed and connected ecosystem that brings clear benefits in terms of sustainability and efficiency….
16 September 2025
Between 2024 and 2025, several real-world cases emerged where Artificial Intelligence was leveraged to orchestrate large-scale financial fraud. In one international case, an employee authorized a $25 million transfer after a video call with what…
2 September 2025
Between July 7 and July 18, 2025, massive attacks were identified targeting on-premises Microsoft SharePoint servers, exploiting a chain of zero-day vulnerabilities, including CVE-2025-49706 (spoofing/deserialization) and CVE-2025-49704, and subsequently new variants identified as CVE-2025-53770 and…
23 July 2025
In recent years, there has been a structural and barely visible transformation in the cyber threat ecosystem: info-stealers, malware designed to exfiltrate credentials, session cookies, crypto wallets, and other specific artifacts, have moved beyond the…
16 July 2025
On the night between May 7 and 8, 2025, the infrastructure of the LockBit ransomware group was compromised again — the final act of the attack was a public defacement of their platform. The stolen…
24 June 2025
In recent days, a fake version of Salesforce has been exploited to carry out a particularly sophisticated vishing attack. Cybercriminals, posing as internal operators or company technicians, contacted victims by phone with the aim of…
10 June 2025
