Threat Research

    Critical Vulnerabilities in Ivanti EPMM Exploited

    Two critical zero-day vulnerabilities, CVE-2026-1281 and CVE-2026-1340, are impacting Ivanti Endpoint Manager Mobile (EPMM). They are actively exploited in the wild, targeting enterprise mobile fleets and corporate networks. The flaws allow unauthenticated remote code execution on affected servers....
    2/19/2026  0
    Read More »

    Remote Access, Real Cargo: Cybercriminals Targeting Trucking and Logistics

    Cybercriminals are targeting trucking and freight companies through complex attack chains to steal cargo shipments. Cargo theft has become a multi-million-dollar industry, with digital transformation fueling a surge in cyber-enabled theft. Attackers infiltrate logistics firms and exploit their access to bid on shipments, which they then steal and resell....
    11/4/2025  0
    Read More »

    Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations

    Multiple Russian IP address ranges—masked through VPNs, proxy servers, and VPS infrastructure—are being used in cybercrime operations aligned with North Korea's Void Dokkaebi group (also known as Famous Chollima). These IPs are linked to companies near the North Korea-Russia border and support IT workers operating from countries like China, Russia, and Pakistan....
    4/24/2025  0
    Read More »

    New Tornet Backdoor Seen in Widespread Campaign

    A financially motivated threat actor has been running a malicious campaign since July 2024, primarily targeting users in Poland and Germany. The actor uses phishing emails to deliver various payloads, including Agent Tesla, Snake Keylogger, and a new, undocumented backdoor called TorNet, which is dropped by PureCrypter malware....
    1/29/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.