45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation

SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks...

How to Protect Your SaaS from Bot Attacks with SafeLine WAF

Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great: more sign-ups, more sessions, more API calls. But in reality, something feels off: Sign-ups increase, but users aren’t activating. Server cos...

Infrastructure Patterns in Toll Scam Domains: A Comprehensive Analysis of Cybercriminal Registration and Hosting Strategies

Toll scams involve criminals registering fake domains that pretend to be legitimate transportation agencies to trick users into making fraudulent payments. Although these scams are rapidly increasing and causing significant harm, they have not been extensively studied. We present the first...

EUVD-2006-2915

Malware in sbrugna...

EUVD-2006-2732

Malware in sbrugna...

EUVD-2020-2567

Malware in sbrugna...

CVE-2025-50850

An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls such as CAPTCHA verification and rate limiting. This allows an attacker to systematically attempt various combinations of usernames and passwords brute-force attack to gain unauthoriz...

Mars: No Rate Limiting on Password Attempts After Insecure Registration Flow cause ATO

An authentication vulnerability was identified that lacked rate limiting controls on password attempts. The flaw allowed unlimited brute force attacks against user accounts without triggering security measures. Attackers could perform consecutive password attempts and distinguish successful...

Dero miner zombies biting through Docker APIs to build a cryptojacking horde

Introduction Imagine a container zombie outbreak where a single infected container scans the internet for an exposed Docker API, and bites exploits it by creating new malicious containers and compromising the running ones, thus transforming them into new "zombies" that will mine for Dero currency...

Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind

AI is changing cybersecurity faster than many defenders realize. Attackers are already using AI to automate reconnaissance, generate sophisticated phishing lures, and exploit vulnerabilities before security teams can react. Meanwhile, defenders are overwhelmed by massive amounts of data and alert...

Imperva Protects Against the Exploited CVEs in the Cleo Data Theft Attacks

The Clop ransomware group has once again demonstrated its ability to exploit vulnerabilities to compromise sensitive systems. As Cleo—a managed file transfer provider for businesses—grapples with the aftermath of Clop’s targeted attack on their systems, the spotlight turns to CVE-2024-50623 and...

Prompt Injection Defenses Against LLM Cyberattacks

Interesting research: "Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks": Large language models LLMs are increasingly being harnessed to automate cyberattacks, making sophisticated exploits more accessible and scalable. In response, we propose a new defens...

Latest Research Reveals Rise in API Attacks in 2023, Putting Businesses at Risk in 2024

The State of API Security in 2024 Report highlights how APIs and their increased usage are significantly changing the threat landscape. In 2023, the number of API-targeted attacks rose significantly. Attacks targeting the business logic of APIs constituted 27% of attacks in 2023, a growth of 10%...

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

Tyler Starks, Christiaan Beek, Robert Knapp, Zach Dayton, and Caitlin Condon contributed to this blog. Rapid7’s managed detection and response MDR teams have observed increased threat activity targeting Cisco ASA SSL VPN appliances physical and virtual dating back to at least March 2023. In some...

Preventing Bot Attacks and Online Fraud on APIs

The rapid proliferation of Application Programming Interfaces APIs is spearheading digital transformation, leading to explosive growth in adoption of APIs in recent years. In fact, it’s hard to think of any software that doesn’t use or is in itself, an API. By supporting swift development and...

Why is Robust API Security Crucial in eCommerce?

API attacks are on the rise. One of their major targets is eCommerce firms like yours. APIs are a vital part of how eCommerce businesses are accelerating their growth in the digital world. ECommerce platforms use APIs at all customer touchpoints, from displaying products to handling shipping. Owi...

Bypassing Two-Factor Authentication

These techniques are not new, but theyre increasingly popular: …some forms of MFA are stronger than others, and recent events show that these weaker forms arent much of a hurdle for some hackers to clear. In the past few months, suspected script kiddies like the Lapsus$ data extortion gang and...

What You Need to Do Today to Protect Against Account Takeover Attacks

Historically, account takeover ATO has been recognized as an attack in which cybercriminals take ownership of online accounts using stolen passwords and usernames. Cybercriminals purchase a list of account credentials from the dark web that are usually compiled by hackers through social...

How Akamai Can Help You Fight the Latest Exploitation Attempts Against Microsoft Exchange

Co-authored by Ryan Barnett. AppSec Protections for Microsoft Exchange CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065 On March 2, 2021, the Microsoft Security Response Center alerted its customers to several critical security updates to Microsoft Exchange Server, addressing...

Prepare for more sophisticated security threats in 2021

As computing becomes more distributed to achieve greater optimization and efficiency, the threats posed by cyberattackers are destined to become increasingly more sophisticated. Here are some steps organizations should take in 2021 to mitigate such sophisticated security threats. Start with...