SISA Weekly Threat Watch

Malicious NPM Package Uses Google Calendar as C2 Channel

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being reported across various platforms. Recent cybersecurity

Malicious NPM Package Uses Google Calendar as C2 Channel

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being reported across various platforms. Recent cybersecurity

Black Basta Ransomware Adopts Sophisticated Social Engineering Tactics

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities

Emerging Threat: Rockstar 2FA Phishing Service Targets Microsoft 365 Credentials

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Critical Alert: Over 2,000 Palo Alto Devices Compromised in Active Exploitation Campaign

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Helldown Ransomware Exploits Zyxel VPN Flaw to Target Corporate Networks

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Hackers Use ZIP Concatenation to Evade Detection on Windows Systems

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Windows Systems Compromised by Backdoored Linux VMs

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Black Basta Ransomware Uses MS Teams Impersonation to Breach Networks

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Qilin.B Ransomware Variant Gets a Major Upgrade

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

GitLab Vulnerability Exposes CI/CD Pipelines to Arbitrary Execution

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Emerging Botnet “Gorilla” Launches Large-Scale DDoS Attacks Across Multiple Countries DDoS

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

5 Attacks linked to Exposed Cloud credentials that are Shaking up the Cybersecurity Industry

At SISA, we understand the ever-evolving nature of cyber threats and the importance of staying one step ahead to protect

5 Attacks linked to Exposed Cloud credentials that are Shaking up the Cybersecurity Industry

At SISA, we understand the ever-evolving nature of cyber threats and the importance of staying one step ahead to protect

Atomic macOS Stealer (Amos): A new Mac malware being sold via Telegram

Malware attacks on Apple’s Macs are less common than on Windows PCs, yet

ViperSoftX: Info-stealing malware targeting cryptocurrency wallets and password managers

ViperSoftX, a malware that steals cryptocurrencies and personal data, has been circulating since

AuKill: A ‘defense evasion tool’ disables EDR software via BYOVD attack

Ransomware gangs have been using a new defensive evasion tool since the beginning

Trigona Ransomware: Hackers target MS-SQL servers for double extortion attacks

Trigona ransomware, first discovered in October 2022, claims to undertake double extortion attacks

Vice Society Ransomware: Threat group automates data theft using PowerShell scripts

Vice Society is a ransomware gang that has been involved in high-profile activity

Qakbot: A banking Trojan being distributed via email hijacking

Qakbot is a sophisticated and highly dangerous banking Trojan that is primarily used

Rorschach Ransomware: New strain of attacks with the fastest encryption speed

Rorschach Ransomware is a type of malicious software (malware) that encrypts files on

ShellBot: A DDoS Bot targeting poorly managed Linux servers

ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl,

Typhon Reborn V2: Info-stealer reappears with advanced anti-analysis capabilities

Information stealer Typhon was first made public in mid-2022. It specifically targeted Microsoft

Dark Power Ransomware: Targeting businesses with a unique ransom note

Dark Power is a ransomware strain that was first identified in 2020. It

Malicious NPM Package Uses Google Calendar as C2 Channel

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being reported across various platforms. Recent cybersecurity

Malicious NPM Package Uses Google Calendar as C2 Channel

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being reported across various platforms. Recent cybersecurity

Black Basta Ransomware Adopts Sophisticated Social Engineering Tactics

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities

Emerging Threat: Rockstar 2FA Phishing Service Targets Microsoft 365 Credentials

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Critical Alert: Over 2,000 Palo Alto Devices Compromised in Active Exploitation Campaign

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Helldown Ransomware Exploits Zyxel VPN Flaw to Target Corporate Networks

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Hackers Use ZIP Concatenation to Evade Detection on Windows Systems

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Windows Systems Compromised by Backdoored Linux VMs

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Black Basta Ransomware Uses MS Teams Impersonation to Breach Networks

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Qilin.B Ransomware Variant Gets a Major Upgrade

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

GitLab Vulnerability Exposes CI/CD Pipelines to Arbitrary Execution

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Emerging Botnet “Gorilla” Launches Large-Scale DDoS Attacks Across Multiple Countries DDoS

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being

Threat Intel Hub

Malicious NPM Package Uses Google Calendar as C2 Channel

Malicious NPM Package Uses Google Calendar as C2 Channel

5 Attacks linked to Exposed Cloud credentials that are Shaking up the Cybersecurity Industry

5 Attacks linked to Exposed Cloud credentials that are Shaking up the Cybersecurity Industry

Malicious NPM Package Uses Google Calendar as C2 Channel

Malicious NPM Package Uses Google Calendar as C2 Channel

Trending

How to Become PCI Certified? Its Importance & Implications in India 2025

Security Protocols Organizations Need To Follow In 2025

ProACT MXDR: an Agentic SOC with a Human Touch

AI security e-guide: The rising AI threat landscape & why training matters

5 Attacks linked to Exposed Cloud credentials that are Shaking up the Cybersecurity Industry

5 Cloud Exploitation Incidents Alarming the Cybersecurity World

SISA Evaluates Privacy Risks across Fintech Firm’s Applications

Wibmo Achieves Seamless Compliance with SISA ProACT MXDR

Company

Services

Resources

Quick Links

Connect with us

Events

SISA is a Forensics-Driven Cybersecurity Partner at the DSCI FINSEC Conclave 2025

Case Study

SISA Evaluates Privacy Risks across Fintech Firm’s Applications

Infosec Report

Digital Threat Report 2024 For the BFSI Sector

Weekly Threat Watch

Malicious NPM Package Uses Google Calendar as C2 Channel

Blog

How to Become PCI Certified? Its Importance & Implications in India 2025

News Room

SISA Unveils Next-Gen Agentic SOC at RSAC 2025 in San Francisco

Whitepaper

ProACT MXDR: an Agentic SOC with a Human Touch

Webinar

Future-Proofing Digital Payments: Leveraging Forensics for Quantum Safe Migration

Get access to your ROI Breakdown

Sign up for SISA's Daily
Threat Watch Advisory