Estimated reading time: 10 minutes
Introduction In August 2025, a Telegram channel named “Scattered LAPSUS$ Hunters” surfaced, linking itself to notorious cybercrime groups: Scattered Spider, ShinyHunters, and LAPSUS$. The group quickly began posting stolen data, ransom demands, and provocative statements, reviving chaos once driven...Estimated reading time: 9 minutes
Contents Introduction Key Targets. Industries Affected. Geographical Focus. Infection Chain. Initial Findings. Looking into the decoy-document Technical Analysis Stage 1 – Malicious LNK Script Stage 2 – Malicious .NET Implant Hunting and Infrastructure. Conclusion Seqrite Protection. IOCs MITRE ATT&CK....
Estimated reading time: 10 minutes
Authors: Dixit Panchal, Soumen Burma & Kartik Jivani Table of Contents Introduction: Initial Analysis: Analysis of Decoy: Infection Chain: Technical Analysis: Infrastructure Hunting: Conclusion: Seqrite Coverage: IoCs: MITRE ATT&CK: Introduction: Seqrite Lab has been actively monitoring global cyber threat...Estimated reading time: 9 minutes
Content Overview Introduction Initial Vector Infection Chain Analysis of .SVG Attachment Analysis of .HTA file Analysis of .VBS file Analysis of .ps1 file Analysis of Downloader/Loader Anti-VM Technique Persistence Technique Download and Loader Function AsyncRAT Payload File MD5’s Quick...
Estimated reading time: 7 minutes
Introduction Ransomware is one of the most disruptive cyber threats, encrypting critical organizational data and demanding ransom payments for restoration. While early campaigns relied on mass phishing or opportunistic malware distribution, modern ransomware operations have evolved into highly sophisticated,...
Estimated reading time: 6 minutes
Table of Contents Introduction The Evolving Threat of Attack Loaders Objective of This Blog Technical Methodology and Analysis Initial Access and Social Engineering Multi-Stage Obfuscation and De-obfuscation Anti-Analysis Techniques The Final Payload Conclusion IOCs Quick Heal \ Seqrite Protection ...
Estimated reading time: 5 minutes
Introduction: What if your Al assistant wasn’t just helping you – but quietly helping someone else too? A recent zero-click exploit known as EchoLeak revealed how Microsoft 365 Copilot could be manipulated to exfiltrate sensitive information – without the...
Estimated reading time: 3 minutes
Executive Summary CVE-2025-31324 is a critical remote code execution (RCE) vulnerability affecting the SAP NetWeaver Development Server, one of the core components used in enterprise environments for application development and integration. The vulnerability stems from improper validation of uploaded...
Estimated reading time: 10 minutes
Recent Development: KMG Group of Companies Confirm Simulation, Not a Real Attack Thankfully, as KMG has publicly acknowledged, this was not an actual cyberattack but an internal simulation exercise. Contents Introduction Key Targets Industries Affected. Geographical Focus. Infection Chain....
Estimated reading time: 10 minutes
Executive Summary In early June 2025, Google’s corporate Salesforce instance (used to store contact data for small‑ and medium‑sized business clients) was compromised through a sophisticated vishing‑extortion campaign orchestrated by the threat‑group tracked as UNC6040 & UNC6240 (online cybercrime collective known...