TLP: AMBERAnalyst: Agostino Pellegrino, Crescenzo Cuoppolo, Alessio BandiniLast revision date: 2025-06-24 This forensic technical report documents the complete analysis of a multi-stage infostealer delivered via
Citrix has reported a new critical vulnerability in its NetScaler appliances, already actively exploited by attackers. The problem is identified with the identifier CVE-2025-6543 and
We continue our series of articles on IABs by writing about an Iranian cyber contractor that not only works as an initial access broker but
Do you remember the infamous REvil cyber gang? The Russian hacker group responsible for some of the most devastating ransomware attacks in the early days
Shocking news in France: one of the largest global cybercrime networks dismantled. The BreachForum hackers were… French. French authorities have busted a large cybercrime operation,
A dangerous vulnerability has been discovered in the latest version of the popular text editor Notepad++ that allows an attacker togain complete control over the
Attackers are actively exploiting a critical privilege escalation vulnerability in the WordPress Motors theme, allowing them to hijack administrator accounts and take complete control of the target
The developers of the Qilin ransomware (recently interviewed by us) offered their partners the help and advice of a team of lawyers, so that they
The United States has warned of possible cyber attacks by pro-Iranian groups following a series of airstrikes against Iranian nuclear facilities, as part of the
According to a report by Cato Networks, cybercriminals continue to actively use LLM patterns in their attacks. Specifically, we are talking about versions of theGrok and Mixtral patterns that have
