Technology ❯ Cybersecurity ❯ Incident Response

Indicators of Compromise

Scattered LAPSUS$ Hunters Post-Attack Actions System Cleaning Malicious Activity File and Log Indicators Detection and Prevention YARA Rules Detection Methods Exploitation Activity Firmware Investigation

Ghost CMS Flaw Used to Poison More Than 700 Websites With ClickFix Malware

By stealing admin API keys through an SQL injection, attackers can inject cloaked scripts that trick visitors into running Windows commands.

DAEMON Tools Confirms Supply-Chain Breach, Releases Clean Lite 12.6

CISA Lists F5 BIG-IP APM Flaw as Actively Exploited RCE, Sets March 30 Patch Deadline

Hackers Actively Exploit 'Metro4Shell' CVE-2025-11953 in React Native Metro Servers

SolarWinds Releases Web Help Desk 2026.1 to Fix Critical RCE and Authentication Bypass Flaws

CISA Flags Actively Exploited WatchGuard Firebox RCE as Patches and IoCs Roll Out

WrtHug Campaign Hijacks About 50,000 ASUS Routers Worldwide

Mandiant Says Hackers Exploit Triofox Flaw to Create Admin Accounts and Execute Code

Cisco SNMP Zero‑Day Fueled ‘Operation Zero Disco’ Rootkit Attacks on Older Switches

Oracle Rushes Fix as Cl0p’s Exploitation of E‑Business Suite Zero‑Day Dates to August

Researchers Say GoAnywhere CVSS 10 Flaw Was Exploited as Zero-Day Before Disclosure

CISA Orders Immediate Fix for Actively Exploited Sitecore ViewState Flaw (CVE-2025-53690)