Google Disrupts IPIDEA Residential Proxy Network
Google researchers observed more than 550 individual threat groups using IPIDEA exit nodes during a one-week period earlier this month.
This week, we talk about how Microsoft disrupted a long-running, large-scale cybercrime-as-a-service platform called RedVDS that has been active since 2019 and was used in high-volume phishing and BEC scams (1:00), then we discuss the research from Cisco Talos on another (!) Chinese APT called UAT-8837 that is targeting critical infrastructure organizations in North America […]
Active since at least 2022, UAT-7290 demonstrates a significant capacity for conducting deep-seated espionage while simultaneously functioning as an initial access group.
IBM published updates for the affected versions of API Connect on Jan. 2, and urged organizations to update affected versions as soon as possible.
MongoDB disclosed the vulnerability (CVE-2025-14847) on Dec. 19 and a few days later, a public exploit for it appeared online.
The vulnerability was disclosed publicly on Dec. 3 and researchers and threat intelligence teams immediately began seeing opportunistic and targeted exploitation attempts.