MuddyWater Iranian APT Deploying "False Flag" Ransomware via Microsoft Teams (Darkcomp RAT)

Scope: Microsoft Teams (Enterprise Environments)

Severity: Red

Read More

Palo Alto PAN-OS GlobalProtect Command Injection Under Active Exploitation (CVE-2024-3400)

Scope: Palo Alto Networks PAN-OS (GlobalProtect Gateway)

Severity: Red

Read More

BlueKit Phishing-as-a-Service Platform – AI-Assisted Credential Theft Campaigns

Scope: Enterprise Platforms and Online Services (Broad)

Severity: High

Read More

ConsentFix v3 – OAuth Consent Phishing Campaign Targeting Microsoft Azure and M365

Scope: Microsoft Azure / Microsoft 365 (Entra ID)

Severity: Red

Read More

Atlassian Confluence Template Injection RCE (CVE-2023-22527)

Scope: Atlassian Confluence Data Center and Server

Severity: Red

Read More

SAP NPM Supply Chain Compromise – Malicious Packages Stealing Developer Credentials

Scope: SAP NPM Packages / Developer Environments

Severity: Red

Read More