UNG0901 deploys EAGLET backdoor via phishing, stealing defense data from firms like VASOJuly 2025 A cyber-espionage campaign dubbed Operation Cargo Talon is targeting the Russian aerospace and defense sectors, delivering a backdoor named EAGLET for data exfiltration. The operation has been attributed to a threat cluster identified as UNG0901 (Unknown Group 901). Primary Target The…
Fake IT workers fund cyber activities, evading sanctions via illicit revenues24 July 2025 The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Korea Sobaeksu Trading Company and three individuals Kim Se Un, Jo Kyong Hun, and Myong Chol Min for operating a clandestine IT worker network that generates revenue for North Korea’s nuclear…
Fake calls reset passwords for ransomware on ESXi, hitting U.S. aviation and infra. The cybercrime group Scattered Spider also known as UNC3944, 0ktapus, Muddled Libra, and Octo Tempest is conducting targeted attacks on VMware ESXi hypervisors across North America’s retail, airline, and transportation sectors. According to Google’s Mandiant, the group’s tactics rely heavily on social engineering, particularly…
United Natural Foods hit hard, causing delays and $400M losses in critical food distributionJuly 2025 United Natural Foods Inc. (UNFI) a major food distributor and Whole Foods Market’s primary supplier confirmed that a June 2025 cyberattack forced it to shut down core systems, resulting in lost sales of up to $400 million and an estimated…
Active attacks on CVE-2025–53770 hit U.S. agencies and firms, installing Tool Shell backdoor for data theftJuly 2025 Microsoft has released an emergency security update to fix an actively exploited vulnerability in SharePoint Server, tracked as CVE-2025–53770. The flaw is reportedly being used in real-world attacks to compromise U.S. federal agencies, universities, and energy firms. Vulnerability…
What Salesforce’s Patch Nightmare Teaches About Tableau Server Risks On June 26, 2025, Salesforce disclosed eight critical vulnerabilities in Tableau Server the widely deployed BI and analytics platform. These flaws, affecting versions prior to 2025.1.3, 2024.2.12, and 2023.3.19, open the door to remote code execution, unauthorized database access, SSRF, and path traversal attacks. What Changed?…
Read More “Could Your Business Intelligence Platform Be the Next Attack Vector?” »
The Microsoft Breach That Reminds Us: No One’s Off Limits When you think “cyberattack,” you might picture sketchy links, ransomware pop-ups, or shady USB drives. But what if we told you a silent, state-sponsored operation just slipped through one of the most trusted platforms in the world Microsoft’s email infrastructure? That’s exactly what happened in a…
In a chilling display of modern cyber tactics, a new phishing campaign has emerged that delivers the DeerStealer malware using a deceptively harmless .LNK shortcut file. This attack leverages Microsoft’s own tools against users in a technique known as Living Off the Land (LOLBin)—and it’s a wake-up call for all organizations relying solely on conventional security layers. What Makes This Threat So…
Read More “Could a Simple Shortcut File Be Hiding a Sophisticated Malware Attack?” »
Cyber Security Operations Centers (CSOCs) are no longer optional for digitally enabled enterprises. In an environment marked by sophisticated cyber threats, expanding regulatory mandates, and increasing stakeholder expectations, a well-architected CSOC forms the backbone of organizational cyber defense. 1. Understanding the Role of a CSOC A Cyber Security Operations Center is a centralized facility that…
Read More “Finstein’s 24×7 CSOC: Powering Cyber Resilience & Compliance in India” »
The AI Agent Revolution AI agents are no longer just a buzzword — they are transforming how businesses automate workflows, serve customers, and manage data. From large language model–based virtual assistants to autonomous code-writing bots, AI agents promise to reduce costs, boost efficiency, and reshape entire industries. Yet beneath this technological promise lies a stark…
Read More “AI Agents: The Next Frontier and the Hidden Cybersecurity Risks You Can’t Ignore” »
