Estimated reading time: 3 minutes
Executive Summary CVE-2025-31324 is a critical remote code execution (RCE) vulnerability affecting the SAP NetWeaver Development Server, one of the core components used in enterprise environments for application development and integration. The vulnerability stems from improper validation of uploaded...Information Technology, Network Security & Cybersecurity Updates
Estimated reading time: 3 minutes
In an increasingly mobile-first world, organizations are leveraging mobile devices for a variety of operational needs – making them indispensable tools for business productivity. Whether it’s sales reps using tablets in the field, managers accessing dashboards from their phones,...Estimated reading time: 10 minutes
Contents Introduction Key Targets Industries Affected. Geographical Focus. Infection Chain. Initial Findings Looking into the malicious email. Looking into the decoy-document. Technical Analysis Stage 0 – Malicious ZIP & LNK files. Stage 1 – Malicious BATCH scripts. Stage 2...
Estimated reading time: 10 minutes
Executive Summary In early June 2025, Google’s corporate Salesforce instance (used to store contact data for small‑ and medium‑sized business clients) was compromised through a sophisticated vishing‑extortion campaign orchestrated by the threat‑group tracked as UNC6040 & UNC6240 (online cybercrime collective known...
Estimated reading time: 4 minutes
Introduction AI-powered malware has become quite a trend now. We have always been discussing how threat actors could perform attacks by leveraging AI models, and here we have a PoC demonstrating exactly that. Although it has not yet been...
Estimated reading time: 13 minutes
Table of Contents: Introduction Threat Profile Infection Chain Campaign-1 Analysis of Decoy: Technical Analysis Fingerprint of ROKRAT’s Malware Campaign-2 Analysis of Decoy Technical analysis Detailed analysis of Decoded tony31.dat Conclusion Seqrite Protections MITRE Att&ck: IoCs Introduction: Seqrite Lab has...
Estimated reading time: 4 minutes
Executive Summary Two high-severity vulnerabilities in WinRAR for Windows — CVE-2025-6218 and CVE-2025-8088 — allow attackers to write files outside the intended extraction directory. CVE-2025-6218 involves traditional path traversal, while CVE-2025-8088 extends the attack using NTFS Alternate Data Streams...
Estimated reading time: 3 minutes
In today’s regulatory climate, compliance is no longer a box-ticking exercise. It is a strategic necessity. Organizations across industries are under pressure to secure sensitive data, meet privacy obligations, and avoid hefty penalties. Yet, despite all the talk about...
Estimated reading time: 3 minutes
Cyberattacks aren’t slowing down—they’re getting bolder and smarter. From phishing scams to ransomware outbreaks, the number of incidents has doubled or even tripled year over year. In today’s hybrid, multi-vendor IT landscape, protecting your organization’s digital assets requires choosing...
Estimated reading time: 3 minutes
In a significant move to bolster cybersecurity in India’s financial ecosystem, the Reserve Bank of India (RBI) has underscored the urgent need for regulated entities—especially banks—to adopt Zero Trust approaches as part of a broader strategy to curb cyber...