Sha1-Hulud: The Second Coming of The New npm GitHub Worm
December 03, 2025 | Karl Sigler
Handala's Latest Publication Targets Israeli High-Tech Specialists
November 26, 2025 | Arthur Erzberger
The Handala hacker group has recently published a list of Israeli high-tech and ...
SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp
November 19, 2025 | Nathaniel Morales, John Basmayor, and Nikita Kazymirskyi
Trustwave SpiderLabs researchers have recently identified a banking Trojan we ...
Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287
November 14, 2025 | Fernando Martinez
LevelBlue Labs is tracking a severe vulnerability in Windows Server Update ...
SharpParty: Process Injection in C#
November 11, 2025 | Will Rabb
This article also appears on the Stroz Friedberg, A LevelBlue Company, blog ...
The Cat's Out of the Bag: A 'Meow Attack' Data Corruption Campaign Simulation via MAD-CAT
November 07, 2025 | Karl Biron
In 2024, I published Feline Hackers Among Us? (A Deep Dive and Simulation of ...
Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand
November 04, 2025 | Serhii Melnyk
Trustwave SpiderLabs’ Cyber Threat Intelligence team is tracking the emergence ...
Bolstering Cybersecurity Resilience in the Public Sector
October 29, 2025
With digital transformation continuing unabated, the prevalence of legacy ...
Public Sector Ransomware Attacks Relentlessly Continue
October 22, 2025
In 2025, 36 years after the first ransomware attack was recorded, actors ...
The F5 BIG-IP Source Code Breach
October 17, 2025 | Karl Sigler
On August 9, F5 discovered that multiple systems were compromised by what it is ...
Data in the Dark: The Public Sector on the Dark Web
October 15, 2025
The dark web serves as a refuge for threat actors to gather intel, trade ...
Notepad++ DLL Hijacking (CVE-2025-56383): CVSS 8.4 or CVSS 0.0?
October 03, 2025
A vulnerability on a popular source-code editor has been recently released ...
From Folding to Folded: Hacking High Volume Mailer Machines
September 30, 2025 | John Jackson
The Quadient DS-700iQ is a high-volume folder-inserter machine designed for ...
REDCap: Multiple Cross-Site Scripting (XSS) Vulnerabilities
September 26, 2025 | Harold Zang
REDCap, developed by Vanderbilt University, is a secure platform designed for ...
US Secret Service Blocks Massive Telecom Attack in New York
September 24, 2025 | Karl Sigler
The Secret Service’s takedown in New York shines a light on a type of threat ...
Salesloft Drift Supply Chain Attack Affects Hundreds of Businesses
September 09, 2025 | Karl Sigler
Trustwave's Security & Compliance Team is aware of the Salesloft ...
Rogue AI Agents In Your SOCs and SIEMs – Indirect Prompt Injection via Log Files
September 05, 2025 | Tom Neaves
AI agents (utilizing LLMs and RAG) are being used within SOCs and SIEMs to both ...
Unraveling Phishing Campaigns Flagged by Trustwave’s URL Scanner
August 28, 2025 | Karla Agregado
In recent months, Trustwave SpiderLabs, A LevelBlue Company, saw a significant ...
Malicious Screen Connect Campaign Abuses AI-Themed Lures for Xworm Delivery
August 27, 2025 | Bolesław Szołtysik, Chris Tomboc, Serhii Melnyk
During a recent Advanced Continual Threat Hunt (ACTH) investigation, the ...
How Researchers Collect Indicators of Compromise
August 14, 2025 | Messiah Dela Cruz
As security researchers, we actively monitor the latest CVEs and their publicly ...
When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal
August 13, 2025 | Nathaniel Morales and Nikita Kazymirskyi
Trustwave SpiderLabs researchers have recently identified an EncryptHub ...
Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation
August 08, 2025 | Serhii Melnyk, Cris Tomboc and King Orande
The Trustwave SpiderLabs CTI team began correlating telemetry from multiple ...
Understanding DocumentDB’s Network Security Trade-Offs: The VPC Challenge
August 05, 2025 | Selam Gebreananeya
AWS DocumentDB by default is securely isolated within a VPC, unreachable from ...
Back Up With Care, But Neglecting Patches can Leave You in Despair!
July 31, 2025 | Rox Harvey Rosales
CVE-2024-7348, which was discovered by Noah Misch, is a race condition ...
In-The-Wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies
July 23, 2025 | Serhii Melnyk
Two critical zero-day vulnerabilities in the Microsoft SharePoint Server ...
Using SQLmap to Dig for Sensitive Data in SQL Databases
July 22, 2025 | Karl Biron
In our latest report Data Pirates' Toolkit (Leveraging SQLmap for Unearthing ...
No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies
July 21, 2025 | Nikita Kazymirskyi
Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. ...
Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft
July 18, 2025 | Serhii Melnyk
Malicious APKs (Android Package Kit files) continue to serve as one of the most ...