SpiderLabs Blog

Sha1-Hulud: The Second Coming of The New npm GitHub Worm

December 03, 2025 | Karl Sigler

Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287

November 14, 2025 | Fernando Martinez

LevelBlue Labs is tracking a severe vulnerability in Windows Server Update ...

The Cat's Out of the Bag: A 'Meow Attack' Data Corruption Campaign Simulation via MAD-CAT

November 07, 2025 | Karl Biron

In 2024, I published Feline Hackers Among Us? (A Deep Dive and Simulation of ...

Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand

November 04, 2025 | Serhii Melnyk

Trustwave SpiderLabs’ Cyber Threat Intelligence team is tracking the emergence ...

Public Sector Ransomware Attacks Relentlessly Continue

October 22, 2025

In 2025, 36 years after the first ransomware attack was recorded, actors ...

Data in the Dark: The Public Sector on the Dark Web

October 15, 2025

The dark web serves as a refuge for threat actors to gather intel, trade ...

Unraveling Phishing Campaigns Flagged by Trustwave’s URL Scanner

August 28, 2025 | Karla Agregado

In recent months, Trustwave SpiderLabs, A LevelBlue Company, saw a significant ...

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies

July 21, 2025 | Nikita Kazymirskyi

Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. ...

The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner

July 04, 2025 | Nikita Kazymirskyi

On July 3, 2025, Qantas confirmed in an update statement that a cyber incident ...

Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector

June 25, 2025

Explore key insights from Trustwave SpiderLabs' latest report on securing tech ...

Storm-0558 and the Dangers of Cross-Tenant Token Forgery

May 21, 2025 | Damian Archer

Modern cloud ecosystems often place a single identity provider in charge of ...

Babuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’

April 01, 2025 | John Basmayor

An investigation that started with a tip from one of our threat intel sources ...

Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise

March 25, 2025 | Nikita Kazymirskyi and Karl Sigler

On March 20, a relatively unknown user on Breach Forums posted the allegation ...

A Deep Dive into Strela Stealer and how it Targets European Countries

March 06, 2025 | Dawid Nesterowicz

Infostealers have dominated the malware landscape due to the ease of threat ...

Lessons from a Honeypot with US Citizens’ Data

November 13, 2024 | Radoslaw Zdonczyk and Nikita Kazymirskyi

Prior to last week’s US Presidential Election, the Trustwave SpiderLabs team ...

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack)

October 17, 2024 | Karl Biron

Introduction In the perpetually evolving field of cybersecurity, new threats ...

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content

September 24, 2024 | Mike Casayuran

HTML smuggling techniques have been around for quite some time. A previous ...

Why Do Criminals Love Phishing-as-a-Service Platforms?

September 23, 2024 | Rodel Mendrez

Phishing-as-a-Service (PaaS) platforms have become the go-to tool for ...

Your Money or Your Data: Ransomware Readiness Planning

September 02, 2024 | David Broggy

Today’s blog installment brings us to the end of our 30-week journey that ...

Exposed and Encrypted: Inside a Mallox Ransomware Attack

August 27, 2024 | Bernard Bautista

Recently, a client enlisted the support of Trustwave to investigate an ...

Deep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928

August 16, 2024 | Karl Biron

In early 2021, a new vulnerability, identified as CVE-2021-27928, was ...

Atlas Oil: The Consequences of a Ransomware Attack

June 25, 2024 | Arthur Erzberger

Overview Atlas Oil, a major player in the oil and fuel distribution industry, ...

Experiencing a security breach?

Experiencing a security breach?

Sha1-Hulud: The Second Coming of The New npm GitHub Worm

Stay Informed

Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287

The Cat's Out of the Bag: A 'Meow Attack' Data Corruption Campaign Simulation via MAD-CAT

Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand

Public Sector Ransomware Attacks Relentlessly Continue

Data in the Dark: The Public Sector on the Dark Web

Unraveling Phishing Campaigns Flagged by Trustwave’s URL Scanner

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies

The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner

Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector

Storm-0558 and the Dangers of Cross-Tenant Token Forgery

Babuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’

Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise

A Deep Dive into Strela Stealer and how it Targets European Countries

Lessons from a Honeypot with US Citizens’ Data

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack)

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content

Why Do Criminals Love Phishing-as-a-Service Platforms?

Your Money or Your Data: Ransomware Readiness Planning

Exposed and Encrypted: Inside a Mallox Ransomware Attack

Deep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928

Atlas Oil: The Consequences of a Ransomware Attack

Threat Advisory: Snowflake Data Breach Impacts Its Clients

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from Trustwave, A LevelBlue Company.