Cyble’s network of honeypot sensors has detected dozens of attack attempts on vulnerabilities in the last week. The sensors are part of Cyble's Threat Hunting service that uses a suite of tools to capture real-time attack data, including exploit attempts, malware intrusions, financial fraud, and brute-force attacks. Cyble’s findings are also summarized in a weekly Sensor Intelligence report to clients. What follows are 12 vulnerabilities that Cyble has detected active attack att...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
The Australian Cyber Security Centre (ACSC), a division of the Australian Signals Directorate (ASD), has issued a comprehensive call to action for organizations to begin preparing their cybersecurity infrastructure for the advent of cryptographically relevant quantum computers (CRQC). The guidance outlines the urgency of adopting post-quantum cryptography (PQC) and provides a detailed roadmap to complete the transition by the end of 2030. CRQC: A Future Threat with Present-Day Implicati...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Overview: Cyble Research and Intelligence Labs (CRIL) analyzed significant IT vulnerabilities disclosed between September 10–16, 2025. Cyble’s Vulnerability Intelligence module tracked 1,045 IT vulnerabilities, of which over 135 already have publicly available Proof-of-Concepts (PoCs). As the time-to-exploit window continues to shrink, this accelerates the risk of real-world exploitation. High-profile IT vulnerabilities were identified in Apple operating systems, Zimbra Collaboration...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
In August, Qilin was the most active ransomware group for the fourth time in five months, while a new ransomware group is quickly moving up the ranks. Qilin’s 104 claimed victims in August were nearly double second-place Akira’s 56, but the rapid rise of Sinobi to third place has been one of the more intriguing recent developments in the ransomware landscape (chart below). The dominance of Qilin and the rise of Sinobi were among the revelations in Cyble’s latest global threat lands...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Executive Summary: CRIL identified an active Maranhão Stealer campaign that is being distributed through social engineering websites hosted on cloud platforms. Current intelligence indicates that the malware has been active since May 2025 and is actively being developed. The threat actors primarily target gaming users by distributing gaming-related links, cheats, and pirated software downloads (e.g., hxxps://derelictsgame.in/DerelictSetup.zip). The ZIP archives include an Inno Setup installe...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Cyble Vulnerability Intelligence researchers tracked 1,224 vulnerabilities in the last week, as the monthly “Patch Tuesday” release cycle of vendor fixes yielded a high number of new vulnerabilities. More than 129 of the disclosed vulnerabilities already have publicly available Proofs-of-Concept (PoCs), significantly increasing the likelihood of many new vulnerabilities being exploited. Google, Linux, Microsoft, and Samsung were the top vendors and projects with reported vulnerabiliti...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an urgent warning following the active exploitation of a critical vulnerability affecting SonicWall SSL VPN appliances across Australia. The flaw, CVE-2024-40766, is being leveraged by threat actors, including those deploying Akira ransomware, to gain unauthorized access to networks and, in some instances, cause firewall crashes. This vulnerability, first disclosed in August 2024 under advisory...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Shared Services Canada (SSC), the federal agency responsible for delivering digital services and IT infrastructure across the Government of Canada (GC), has issued a comprehensive update on the state of cybersecurity and digital transformation within the federal public service. In a recent ministerial transition briefing, SSC detailed both pressing challenges and strategic advancements, with a focus on enhancing the resilience of GC systems against digital threats. The report, addressed to th...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Executive Summary: In a deep-dive analysis, Cyble Research and Intelligence Labs (CRIL) identified an ongoing in-the-wild Linux botnet campaign, which we have dubbed “Luno.” This campaign combines cryptocurrency mining, remote command execution, and modular DDoS attack capabilities. Additionally, it combines watchdog-based respawning and unusually strong anti-analysis defences into a single malware framework, indicating active professional threat actor involvement. Unlike conventional cryptomi...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
A new international framework has been released to promote the adoption of the Software Bill of Materials (SBOM). This move is aimed at enhancing transparency and security across software supply chains. Developed collaboratively by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and 17 global partners, the guidance provides a structured approach for organizations that produce, procure, or operate software to incorporate SBOMs into their cybersecurity strategy. National ...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Cyble identified 908 IT vulnerabilities last week—188 with public PoCs. Critical flaws affect Cisco, Apple, Fortinet, WinRAR, and more.| Cyble
Qilin ransomware group tops June 2025 with 86 victims, surpassing rivals in a shifting threat landscape. Read Cyble’s analysis of top ransomware groups.| Cyble
Ransomware groups like Qilin dominated July attacks with 73 victims. New variants and groups, including AiLock and Crux, target critical industries globally.| Cyble
ACSC alerts on CVE-2025-53770, a SharePoint flaw under active attack. Urges immediate patching to protect on-premises systems from remote code execution.| Cyble
Cyble investigates the DOGE BIG BALLS Ransomware, analyzing its operation and the false ties made to Edward Coristine.| Cyble
JPCERT's Q1 2025 report shows rising phishing, defacements, and VPN flaws, highlighting key cyber threats and response challenges in Japan and beyond.| Cyble
Cyble's incident management tools help you detect, respond, and resolve threats faster. Secure your business with smarter alert handling today!| Cyble
Experience the award-winning Cyble Vision Threat Intelligence Platform. Schedule a demo and witness its power in action. Discover how it safeguards against threats and provides real-time insights for your cybersecurity needs.| Cyble
A cybersecurity threat actor, defined as an individual, group, organization, or entity engaged in activities designed to compromise computer systems or information, can have various motivations. Read more about threat actors at Cyble!| Cyble