Scenario 3: SOC/SIEM Takes in and Summarizes Windows Events (Log Files)
January 29, 2026 | Tom Neaves
Stay Informed
Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.
The Hard Lessons Learned by Analyzing Education Sector Cyberattacks
January 26, 2026
In the last quarter of 2025, LevelBlue SpiderLabs used telemetry from the ...
CVE-2009-0556: The 2009 PowerPoint Bug that Refuses to Die
January 23, 2026 | Messiah Dela Cruz
In 2009, LevelBlue Vice President of Security Research Ziv Mador and Cristian ...
Ni8mare on Automation Street: When Workflows Turn Into an Attack Path
January 15, 2026 | Nikita Kazymirskyi
CVE-2026-21858 (Ni8mare) is a maximum-severity vulnerability in self-hosted n8n ...
Preparing for the AI Job Market: A Security Professional's Roadmap
January 14, 2026 | David Broggy
Every now and then, LevelBlue SpiderLabs diverts a bit from its normal course ...
BEC Email Trends: Attacks up 15% in 2025
January 13, 2026 | Katrina Udquin
Business Email Compromise (BEC) is a sophisticated form of phishing attack in ...
Threat Intelligence News from LevelBlue SpiderLabs January 2026
January 06, 2026
January 2026
A 2025 Threat Trends Analysis
December 22, 2025 | Andrea Martinez and Peter Connolly
As 2025 winds down and cruises into the holiday season, it’s a good time to ...
Holiday Fraud 2025: Gift Card Schemes Exploiting Seasonal Shopping
December 19, 2025 | Serhii Melnyk
Children with a vision of a huge payout from Santa Claus are not the only ones ...
LevelBlue SpiderLabs: SQL Injection in Orkes Conductor: CVE-2025-66387
December 18, 2025 | Tim Stamopoulos
LevelBlue SpiderLabs has discovered a vulnerability in the Orkes Conductor ...
A Rising Tide of Threats: The Offshore Energy Industry’s Threat Landscape
December 12, 2025
Key Findings:
Threat Intelligence News from LevelBlue SpiderLabs December 2025
December 12, 2025
LevelBlue SpiderLabs is the threat intelligence unit of LevelBlue and includes ...
Sha1-Hulud: The Second Coming of The New npm GitHub Worm
December 03, 2025 | Karl Sigler
Sha1-Hulud is back with a new evolution of its supply-chain attack that targets ...
Handala's Latest Publication Targets Israeli High-Tech Specialists
November 26, 2025 | Arthur Erzberger
The Handala hacker group has recently published a list of Israeli high-tech and ...
SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp
November 19, 2025 | Nathaniel Morales, John Basmayor, and Nikita Kazymirskyi
LevelBlue SpiderLabs researchers have recently identified a banking Trojan we ...
Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287
November 14, 2025 | Fernando Martinez
LevelBlue Labs is tracking a severe vulnerability in Windows Server Update ...
SharpParty: Process Injection in C#
November 11, 2025 | Will Rabb
This article also appears on the Stroz Friedberg, A LevelBlue Company, blog ...
The Cat's Out of the Bag: A 'Meow Attack' Data Corruption Campaign Simulation via MAD-CAT
November 07, 2025 | Karl Biron
In 2024, I published Feline Hackers Among Us? (A Deep Dive and Simulation of ...
Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand
November 04, 2025 | Serhii Melnyk
Trustwave SpiderLabs’ Cyber Threat Intelligence team is tracking the emergence ...
Threat Intelligence News from LevelBlue SpiderLabs November 2025
November 01, 2025
November 2025
Bolstering Cybersecurity Resilience in the Public Sector
October 29, 2025
With digital transformation continuing unabated, the prevalence of legacy ...
Public Sector Ransomware Attacks Relentlessly Continue
October 22, 2025
In 2025, 36 years after the first ransomware attack was recorded, actors ...
The F5 BIG-IP Source Code Breach
October 17, 2025 | Karl Sigler
On August 9, F5 discovered that multiple systems were compromised by what it is ...
Data in the Dark: The Public Sector on the Dark Web
October 15, 2025
The dark web serves as a refuge for threat actors to gather intel, trade ...
Notepad++ DLL Hijacking (CVE-2025-56383): CVSS 8.4 or CVSS 0.0?
October 03, 2025
A vulnerability on a popular source-code editor has been recently released ...
Threat Intelligence News from LevelBlue SpiderLabs, October 2025
October 01, 2025
October 2025
From Folding to Folded: Hacking High Volume Mailer Machines
September 30, 2025 | John Jackson
The Quadient DS-700iQ is a high-volume folder-inserter machine designed for ...
REDCap: Multiple Cross-Site Scripting (XSS) Vulnerabilities
September 26, 2025 | Harold Zang
REDCap, developed by Vanderbilt University, is a secure platform designed for ...