Between July 7 and July 18, 2025, massive attacks were identified targeting on-premises Microsoft SharePoint servers, exploiting a chain of zero-day vulnerabilities, including CVE-2025-49706 (spoofing/deserialization) and CVE-2025-49704, and subsequently new variants identified as CVE-2025-53770 and…
Tech Blog
CERT Posts
In recent years, there has been a structural and barely visible transformation in the cyber threat ecosystem: info-stealers, malware designed to exfiltrate credentials, session cookies, crypto wallets, and other specific artifacts, have moved beyond the…
On the night between May 7 and 8, 2025, the infrastructure of the LockBit ransomware group was compromised again — the final act of the attack was a public defacement of their platform. The stolen…
In recent days, a fake version of Salesforce has been exploited to carry out a particularly sophisticated vishing attack. Cybercriminals, posing as internal operators or company technicians, contacted victims by phone with the aim of…
In recent years, the use of tools known as sandboxes has grown significantly. These platforms offer a secure, isolated environment in which suspicious files, emails and potentially harmful links can be examined without risking compromise…
The Chinese-linked APT group UNC5174 has been observed deploying an advanced malware toolkit targeting Linux systems, combining a custom downloader known as SNOWLIGHT with a stealthy and powerful remote access trojan called VShell. What…
In recent times, the “E-crime as a service” phenomenon has radically changed the cybercrime landscape, opening the door to “low-skill” criminals. Thanks to an increasingly accessible ecosystem and the availability of turnkey criminal tools, today…
Since 2024, a new cybercriminal group has been targeting various companies with sophisticated and evasive techniques. Our Incident Response team has intervened several times to neutralise it, and in this article we provide an analysis…
The dark web hosts a complex ecosystem where licit and illicit activities intertwine, offering anonymity but also exposing users to significant risks. Communication between criminal hackers mainly takes place in specialised forums that serve as…
We often hear about BEC, an acronym that stands for Business Email Compromise, a threat we all face every day in our mailboxes. But what are we actually talking about? How to avoid falling…