Cloudz RAT "Pheno" Plugin Hijacking Windows Phone Link to Steal OTPs and Credentials

Scope: Microsoft Windows Phone Link (Windows 10 and 11)

Severity: High

Read More

BlueKit Phishing-as-a-Service Platform – AI-Assisted Credential Theft Campaigns

Scope: Enterprise Platforms and Online Services (Broad)

Severity: High

Read More

Atlassian Confluence Template Injection RCE (CVE-2023-22527)

Scope: Atlassian Confluence Data Center and Server

Severity: Red

Read More

Palo Alto PAN-OS GlobalProtect Command Injection Under Active Exploitation (CVE-2024-3400)

Scope: Palo Alto Networks PAN-OS (GlobalProtect Gateway)

Severity: Red

Read More

ConsentFix v3 – OAuth Consent Phishing Campaign Targeting Microsoft Azure and M365

Scope: Microsoft Azure / Microsoft 365 (Entra ID)

Severity: Red

Read More

Broken VECT 2.0 Ransomware – Destructive Wiper Behavior Observed

Scope: Enterprise Endpoints and File Systems

Severity: Red

Read More