On 2018-09-12, a campaign was reported, involving an unknown actor, gaining initial access via 1-day vulnerability, targeting Redis, Apache CouchDB, Docker, Jenkins, Drupal, MODX to achieve...
An unknown threat actor compromised the Webmin build server, and inserted a backdoor RCE vulnerability into the Webmin source code that anyone could exploit if they were aware of its existence....
On 2019-10-16, a campaign was reported, involving an unknown actor, gaining initial access via Software misconfig, targeting Docker to achieve Resource hijacking. The following tools were...
The X-59 successfully completed its inaugural flight—a step toward developing quieter supersonic jets that could one day fly customers more than twice as fast as commercial airliners.
PhantomRaven slipped over a hundred credential-stealing packages into npm A new supply chain attack dubbed PhantomRaven has flooded the npm registry with malicious packages that steal credentials,...
OpenAI warned the White House on Monday that China’s commitment to building new energy generation could give it an edge in the AI race. The company recommends that the U.S. prioritize “closing the...
It is a question that successive governments have struggled with: what kind of threat does China really pose to the UK? Trying to answer it may have contributed to the high-profile collapse of the...
WhatsApp is rolling out passkey-encrypted backups for iOS and Android devices, enabling users to encrypt their chat history using their fingerprint, face, or a screen lock code. [...]
Every January, an exclusive career fair in Washington, D.C. marks a pivotal moment for CyberCorps scholars. Hundreds of top students from across the country meet with dozens of federal agencies...
Whether careless or malicious, insiders can cause all manner of nightmares
A leading standards body has warned of a growing “AI governance gap” as business leaders rush to adopt the new technology without first putting the requisite controls and processes in place. The...
The threat group targeted a LANSCOPE zero-day vulnerability (CVE-2025-61932)Categories: Threat ResearchTags: BRONZE BUTLER, china, featured, Japan, LANSCOPE, Tick, vulnerabiity
Cross-site Scripting vulnerability (CVE-2025-10348) has been found in Eveo URVE Smart Office software.
After a months-long leadership vacuum amid intense scrutiny from one of President Donald Trump’s most vocal far-right supporters, the National Security Agency is readying a number of senior...
Cybersecurity for years has been an afterthought in the commercial space industry — viewed more as a line item than a lifeline. But that mindset is starting to shift as satellite networks grow...
In recent weeks, the Canadian Cyber Centre and the Royal Canadian Mounted Police have received multiple reports of incidents involving internet-accessible ICS. One incident affected a water...
Canada's cyber agency and the RCMP say they have investigated multiple cases in which unspecified hacktivists compromised industrial control systems.
Security researchers have discovered a critical architectural flaw in the Blink rendering engine that powers Chromium-based browsers, exposing over 3 billion users to denial-of-service attacks....
Picture your online shopping site overwhelmed with fake orders, your customer accounts being drained one after another, or your essential APIs flooded by an endless wave of automated attacks. This...
Trustwave, a LevelBlue Company, was named a Leader in the IDC MarketScape: Asia/Pacific (Excluding Japan) Managed Detection and Response Services 2025 Vendor Assessment (doc # AP52998725e,...
Organizations continue their digital transformation, with APIs now serving as the main communication links between applications, platforms, services, and partners. The widespread use of APIs...
Today marks a strategic leap forward in LevelBlue’s mission to become the most complete cybersecurity partner on the market. I’m excited to announce that LevelBlue has entered into a definitive...
Cybersecurity Awareness Month (CAM): Learn how partnering with an MSSP helps organizations meet the foundational security goals recommended by CISA. Managed Security Service Providers (MSSPs):...
This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs Threat Operations team on major threat actor groups and malware currently...
Cloud computing is now central to company operations, but it can also be an opportunity for hackers. As of late last year, 80% of organizations experienced more frequent cloud attacks.[1]...
It’s bad enough that organizations must worry about threat actors launching phishing attacks, injecting ransomware, or exploiting vulnerabilities; now, there is a new attack variant on the loose....
This piece is part of a monthly series by Carisa Brockman and Bindu Sundaresan exploring the evolving world of AI governance, trust, and responsibility. Each month, we look at how organizations...
LevelBlue was recognized as a Major Player in the IDC MarketScape: Worldwide Extended Detection and Response Software 2025 Vendor Assessment ( September 2025, IDC #US52997325e.) This recognition...
Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse; Vijay Pareek, Manager, Android Messaging & Chrome...
Peter Williams, a former general manager at U.S. defense contractor L3Harris Trenchant, has pleaded guilty in U.S. District Court to stealing and selling confidential cybersecurity information to...