All Posts

Since the beginning of October 2025, ICS Labs  has identified a massive campaign to spread banking malware called Maverick  , with over 62,000 observed attacks  targeting Brazil  . The threat exhibits characteristics of advanced social engineering, fileless execution, and automatic propagation via WhatsApp  , affecting both home users and corporate environments. Threat overview: The infection begins with receiving a message on WhatsApp containing a compressed file (.zip), di

ICSLabs has identified a technique that allows malicious actors to interact with the Microsoft Teams, Skype, and Microsoft Graph APIs to read and send messages on behalf of the victim, enabling data exfiltration, internal spear-phishing, and lateral movement without needing a password or bypassing MFA directly. The technique exploits the way Microsoft Teams uses WebView processes (msedgewebview2.exe) and stores cookies in a local SQLite database. Tools adapted from "Cookie-M

Oracle EBS (E-Business Suite) is warning about a critical vulnerability identified as CVE-2025-61882, rated critical (CVSS 9.8), which...

Jaguar Land Rover, UK's Largest Carmaker, Issues Alert on Massive Cyberattack Jaguar Land Rover (JLR) has confirmed a cyberattack that...

Trend Micro has issued an urgent alert regarding two critical command injection vulnerabilities (CVE-2025-54948 and CVE-2025-54987) in...

ICSLabs has detected a significant increase in malicious network activity exploiting CVE-2024-3721, a critical unauthenticated command...

CVE-2024-57727  is a critical vulnerability that allows malicious actors to access and download arbitrary files from a server without...

This persistent attack was identified by the Google Threat Intelligence Group (GTIG)  and attributed, with moderate confidence, to a...

Microsoft Threat Intelligence  has uncovered a cyber espionage campaign by an actor tracked as Secret Blizzard , targeting embassies...