Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation
August 08, 2025 | Serhii Melnyk, Cris Tomboc and King Orande

Stay Informed
Sign up to receive the latest security news and trends straight to your inbox from Trustwave.
Understanding DocumentDB’s Network Security Trade-Offs: The VPC Challenge
August 05, 2025 | Selam Gebreananeya
AWS DocumentDB by default is securely isolated within a VPC, unreachable from ...
Back Up With Care, But Neglecting Patches can Leave You in Despair!
July 31, 2025 | Rox Harvey Rosales
CVE-2024-7348, which was discovered by Noah Misch, is a race condition ...
In-The-Wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies
July 23, 2025 | Serhii Melnyk
Two critical zero-day vulnerabilities in the Microsoft SharePoint Server ...
Using SQLmap to Dig for Sensitive Data in SQL Databases
July 22, 2025 | Karl Biron
In our latest report Data Pirates' Toolkit (Leveraging SQLmap for Unearthing ...
No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies
July 21, 2025 | Nikita Kazymirskyi
Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. ...
Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft
July 18, 2025 | Serhii Melnyk
Malicious APKs (Android Package Kit files) continue to serve as one of the most ...
KAWA4096’s Ransomware Tide: Rising Threat With Borrowed Styles
July 16, 2025 | Nathaniel Morales and John Basmayor
KAWA4096, a ransomware whose name includes "Kawa", the Japanese word for ...
The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner
July 04, 2025 | Nikita Kazymirskyi
On July 3, 2025, Qantas confirmed in an update statement that a cyber incident ...
Tracing Blind Eagle to Proton66
June 27, 2025 | Serhii Melnyk
Trustwave SpiderLabs has assessed with high confidence that the threat group ...
Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector
June 25, 2025
Explore key insights from Trustwave SpiderLabs' latest report on securing tech ...
Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors
June 24, 2025 | Nathaniel Morales
Dire Wolf is a newly emerged ransomware group first observed in May 2025 and ...
The Attack Vector: Database Triggers as Persistence Mechanisms
June 24, 2025 | Jose Tozo
Organizations often assume that restoring a backup to a patched environment ...
The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone
June 18, 2025 | Arthur Erzberger
The Israel-Iran conflict is barely a week old, but the security repercussions ...
PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec's Operations
May 28, 2025 | Cris Tomboc and King Orande
Phishing-as-a-Service (PhaaS) platforms have significantly reshaped the ...
The Blind Spots of Multi-Agent Systems: Why AI Collaboration Needs Caution
May 23, 2025 | Muhammad Ahmad
Multi-agent systems (MAS) are reshaping industries from IT services to ...
Storm-0558 and the Dangers of Cross-Tenant Token Forgery
May 21, 2025 | Damian Archer
Modern cloud ecosystems often place a single identity provider in charge of ...
Hospitality Under Attack: New Trustwave Report Highlights Cybersecurity Challenges in 2025
May 21, 2025
As the summer travel season approaches, travelers worldwide are busy booking ...
Guarding Against Dependency Attacks: Essential Strategies for Modern Application Development
May 16, 2025 | Damian Archer
Dependency management is one of the biggest challenges in modern software ...
Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities
May 06, 2025 | Karl Biron
Let’s explore the critical role of Modbus in energy and manufacturing systems, ...
A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms
May 02, 2025 | Pauline Bolaños
A quarter century ago, a former computer science student from the Philippines ...
Yet Another NodeJS Backdoor (YaNB): A Modern Challenge
April 29, 2025 | Reegun Jayapaul
During an Advanced Continual Threat Hunt (ACTH) investigation conducted in ...
Agent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks
April 21, 2025 | Tom Neaves
I think you’ll agree with me that growth in the AI landscape is pretty full-on ...
Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns
April 17, 2025 | Pawel Knapczyk, Dawid Nesterowicz
Earlier this year SpiderLabs observed an increase in mass scanning, credential ...
Proton66 Part 1: Mass Scanning and Exploit Campaigns
April 14, 2025 | Pawel Knapczyk, Dawid Nesterowicz
Trustwave SpiderLabs continuously tracks a range of malicious activities ...
Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks
April 10, 2025 | Bernard Bautista and Kevin Adriano
Ever thought an image file could be part of a cyber threat? The Trustwave ...
Tycoon2FA New Evasion Technique for 2025
April 10, 2025 | Rodel Mendrez
The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at ...
Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse
April 08, 2025 | Serhii Melnyk and Nikita Kazymirskyi
In February 2025, the cybersecurity community witnessed an unprecedented leak ...