Using SQLmap to Dig for Sensitive Data in SQL Databases
In our latest report Data Pirates' Toolkit (Leveraging SQLmap for Unearthing Digital Gold), we take ...
Read MoreStay Informed
Sign up to receive the latest security news and trends straight to your inbox from Trustwave.
No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies
Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. SpiderLabs reviewed ...
Read MoreUnmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft
Malicious APKs (Android Package Kit files) continue to serve as one of the most persistent and ...
Read MoreKAWA4096’s Ransomware Tide: Rising Threat With Borrowed Styles
KAWA4096, a ransomware whose name includes "Kawa", the Japanese word for "river", first emerged in ...
Read MoreThe Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner
On July 3, 2025, Qantas confirmed in an update statement that a cyber incident had compromised data ...
Read MoreTracing Blind Eagle to Proton66
Trustwave SpiderLabs has assessed with high confidence that the threat group Blind Eagle, aka ...
Read MoreTrustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector
Explore key insights from Trustwave SpiderLabs' latest report on securing tech firms against ...
Read MoreDire Wolf Strikes: New Ransomware Group Targeting Global Sectors
Dire Wolf is a newly emerged ransomware group first observed in May 2025 and Trustwave SpiderLabs ...
Read MoreThe Attack Vector: Database Triggers as Persistence Mechanisms
Organizations often assume that restoring a backup to a patched environment eliminates threats. ...
Read MoreThe Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone
The Israel-Iran conflict is barely a week old, but the security repercussions for the two ...
Read MorePhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec's Operations
Phishing-as-a-Service (PhaaS) platforms have significantly reshaped the phishing threat landscape ...
Read MoreThe Blind Spots of Multi-Agent Systems: Why AI Collaboration Needs Caution
Multi-agent systems (MAS) are reshaping industries from IT services to innovative city governance ...
Read MoreStorm-0558 and the Dangers of Cross-Tenant Token Forgery
Modern cloud ecosystems often place a single identity provider in charge of handling logins and ...
Read MoreHospitality Under Attack: New Trustwave Report Highlights Cybersecurity Challenges in 2025
As the summer travel season approaches, travelers worldwide are busy booking their holidays, ...
Read MoreGuarding Against Dependency Attacks: Essential Strategies for Modern Application Development
Dependency management is one of the biggest challenges in modern software development.
Read MoreLights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities
Let’s explore the critical role of Modbus in energy and manufacturing systems, then demonstrate ...
Read MoreA Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms
A quarter century ago, a former computer science student from the Philippines accidentally ...
Read MoreYet Another NodeJS Backdoor (YaNB): A Modern Challenge
During an Advanced Continual Threat Hunt (ACTH) investigation conducted in early March 2025, ...
Read MoreAgent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks
I think you’ll agree with me that growth in the AI landscape is pretty full-on at the moment. I go ...
Read MoreProton66 Part 2: Compromised WordPress Pages and Malware Campaigns
Earlier this year SpiderLabs observed an increase in mass scanning, credential brute forcing, and ...
Read MoreProton66 Part 1: Mass Scanning and Exploit Campaigns
Trustwave SpiderLabs continuously tracks a range of malicious activities originating from Proton66 ...
Read MorePixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks
Ever thought an image file could be part of a cyber threat? The Trustwave SpiderLabs Email Security ...
Read MoreTycoon2FA New Evasion Technique for 2025
The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at slipping past ...
Read MoreInside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse
In February 2025, the cybersecurity community witnessed an unprecedented leak that exposed the ...
Read MoreBabuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’
An investigation that started with a tip from one of our threat intel sources about the revival of ...
Read More2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures
Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare ...
Read MoreTrustwave SpiderLabs Threat Review: Alleged Oracle Compromise
On March 20, a relatively unknown user on Breach Forums posted the allegation that Oracle had ...
Read More