The Cat's Out of the Bag: A 'Meow Attack' Data Corruption Campaign Simulation via MAD-CAT
November 07, 2025 | Karl Biron
Stay Informed
Sign up to receive the latest security news and trends straight to your inbox from Trustwave, A LevelBlue Company.
Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand
November 04, 2025 | Serhii Melnyk
Trustwave SpiderLabs’ Cyber Threat Intelligence team is tracking the emergence ...
Notepad++ DLL Hijacking (CVE-2025-56383): CVSS 8.4 or CVSS 0.0?
October 03, 2025
A vulnerability on a popular source-code editor has been recently released ...
From Folding to Folded: Hacking High Volume Mailer Machines
September 30, 2025 | John Jackson
The Quadient DS-700iQ is a high-volume folder-inserter machine designed for ...
REDCap: Multiple Cross-Site Scripting (XSS) Vulnerabilities
September 26, 2025 | Harold Zang
REDCap, developed by Vanderbilt University, is a secure platform designed for ...
Salesloft Drift Supply Chain Attack Affects Hundreds of Businesses
September 09, 2025 | Karl Sigler
Trustwave's Security & Compliance Team is aware of the Salesloft ...
How Researchers Collect Indicators of Compromise
August 14, 2025 | Messiah Dela Cruz
As security researchers, we actively monitor the latest CVEs and their publicly ...
When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal
August 13, 2025 | Nathaniel Morales and Nikita Kazymirskyi
Trustwave SpiderLabs researchers have recently identified an EncryptHub ...
Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation
August 08, 2025 | Serhii Melnyk, Cris Tomboc and King Orande
The Trustwave SpiderLabs CTI team began correlating telemetry from multiple ...
In-The-Wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies
July 23, 2025 | Serhii Melnyk
Two critical zero-day vulnerabilities in the Microsoft SharePoint Server ...
No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies
July 21, 2025 | Nikita Kazymirskyi
Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. ...
Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft
July 18, 2025 | Serhii Melnyk
Malicious APKs (Android Package Kit files) continue to serve as one of the most ...
Tracing Blind Eagle to Proton66
June 27, 2025 | Serhii Melnyk
Trustwave SpiderLabs has assessed with high confidence that the threat group ...
Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector
June 25, 2025
Explore key insights from Trustwave SpiderLabs' latest report on securing tech ...
Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors
June 24, 2025 | Nathaniel Morales
Dire Wolf is a newly emerged ransomware group first observed in May 2025 and ...
The Attack Vector: Database Triggers as Persistence Mechanisms
June 24, 2025 | Jose Tozo
Organizations often assume that restoring a backup to a patched environment ...
The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone
June 18, 2025 | Arthur Erzberger
The Israel-Iran conflict is barely a week old, but the security repercussions ...
Hospitality Under Attack: New Trustwave Report Highlights Cybersecurity Challenges in 2025
May 21, 2025
As the summer travel season approaches, travelers worldwide are busy booking ...
Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities
May 06, 2025 | Karl Biron
Let’s explore the critical role of Modbus in energy and manufacturing systems, ...
Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse
April 08, 2025 | Serhii Melnyk and Nikita Kazymirskyi
In February 2025, the cybersecurity community witnessed an unprecedented leak ...
2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures
March 26, 2025
Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks ...
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2
March 20, 2025 | Karl Biron
In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your ...
The Russia-Ukraine Cyber War Part 4: Development in Group Attributions for Russian State Actors
March 07, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
This is the final installment of Trustwave SpiderLabs Russia-Ukraine digital ...
A Deep Dive into Strela Stealer and how it Targets European Countries
March 06, 2025 | Dawid Nesterowicz
Infostealers have dominated the malware landscape due to the ease of threat ...
The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure
March 05, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
This post is the third part of our blog series that tackles the Russia-Ukraine ...
The Russia-Ukraine Cyber War Part 2: Attacks Against Government Entities, Defense Sector, and Human Targets
February 25, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
In the first part of Trustwave SpiderLabs’ Russia-Ukraine war blog series, we ...
Beyond the Chatbot: Meta Phishing with Fake Live Support
February 04, 2025 | Mike Casayuran and John Kevin Adriano
In a previous Trustwave SpiderLabs’ blog, we explored how cybercriminals ...
CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day
January 14, 2025
In late November and December 2024, Arctic Wolf observed evidence of a mass ...