Executive Summary In July 2025, Microsoft’s Detection and Response Team (DART) identified a highly sophisticated malware campaign leveraging the SesameOp backdoor, which uniquely abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. This innovative TTP (Tactics, Techniques, and Procedures) enables threat actors to blend malicious C2 traffic with legitimate API usage, effectively bypassing traditional network security controls and evading detection.

Executive Summary In mid-October 2025, a sophisticated phishing campaign targeting users of the LastPass password manager was identified and publicly disclosed by multiple security sources. The campaign, attributed to the financially motivated threat group CryptoChameleon (UNC5356), exploits the LastPass inheritance (emergency access) feature by sending fraudulent emails that claim a family member has requested access to the recipient’s password vault due to a supposed dea

Executive Summary Between September and October 2025, the United States government experienced a significant surge in cyberattacks, with multiple sources referencing an 85% increase in incidents targeting federal agencies and critical infrastructure during the government shutdown. This escalation coincided with the expiration of the Cybersecurity Information Sharing Act of 2015 on September 30, 2025, and the onset of a government shutdown on October 1, 2025, which resulted in

Rescana Cyber Threat Intelligence Executive Summary A sophisticated and large-scale malware distribution campaign, identified as the YouTube Ghost Network , has been exposed by Check Point Research. This operation weaponized over 3,000 YouTube videos, leveraging both fake and compromised accounts to disseminate a range of infostealer malware families. The campaign exploited YouTube’s inherent trust signals—such as high view counts, likes, and positive comments—to lure unsuspe

Executive Summary On October 15, 2025, F5 publicly disclosed a significant cybersecurity breach involving a nation-state actor who gained persistent access to its internal development and engineering knowledge management systems. The breach, first detected on August 9, 2025, resulted in the exfiltration of files containing portions of BIG-IP source code, information on undisclosed vulnerabilities, and configuration or implementation data for a limited number of customers. I

Executive Summary The "Attackers Season Spam With a Touch of 'Salt'" campaign represents a sophisticated evolution in spam and phishing...

Rescana Threat Intelligence Report BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers Date: October 7, 2025...

Executive Summary On September 29, 2025, Asahi Group Holdings experienced a significant ransomware attack that severely disrupted its...

Executive Summary On September 20, 2025, BK Technologies , a provider of communications equipment for public safety and government...

Executive Summary DraftKings, a leading sports betting and daily fantasy sports provider, has experienced multiple waves of account...

Executive Summary Publication Date: October 2025 Researchers have identified a sophisticated, self-propagating malware campaign named...

Executive Summary On October 3, 2025, a coalition of threat actors known as Scattered Lapsus$ Hunters —comprising members of the...

Executive Summary On September 20, 2025, Discord disclosed a data breach resulting from the compromise of a third-party customer service...

Executive Summary On 30 September 2024, Taldor Cyber & Security  was the target of a significant cyberattack, as reported by PC.co.il...

Executive Summary The recent Gcore radar report highlights a significant shift where the gaming industry has overtaken traditional...

Executive Summary Microsoft’s recent initiative to offer free Windows 10 security updates in Europe marks a significant evolution in how...

Executive Summary Publication Date: September 24, 2025 This report provides a detailed, evidence-based analysis of the recent incident...

Executive Summary In recent months, intelligence sources have observed a sophisticated and concerning evolution in cyber tactics,...

Executive Summary In recent months, security researchers have observed a sophisticated supply chain attack targeting highly popular npm ...

Executive Summary Publication Date: Oeptember 10, 2025 In an unprecedented effort to counter the rapid evolution of cyber threats and to...