RealDefense Opens $10M Fund to Help OEMs Monetize Installs With SmartScan Cybersecurity SDK

Blog

Byadmblake August 15, 2025

Post Content

Blog

⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More

A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined…

Read More ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
Blog

The State of AI in the SOC 2025 – Insights from Recent Study

Security leaders are embracing AI for triage, detection engineering, and threat hunting as alert volumes and burnout hit breaking points. A comprehensive survey of 282 security leaders at companies across industries reveals a stark reality facing modern Security Operations Centers: alert volumes have reached unsustainable levels, forcing teams to leave critical threats uninvestigated. You can

Read More The State of AI in the SOC 2025 – Insights from Recent Study
Blog

5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow’s content delivery network (CDN) to deliver the Lumma stealer malware. Netskope Threat Labs said it discovered 260 unique domains hosting 5,000 phishing PDF files that redirect victims to malicious websites. “The attacker uses SEO to…

Read More 5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs
Blog

SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity, per Arctic Wolf, took place between January 2025 and January 2026. It involves the use of two distinct attack chains to deliver malware families tracked as…

Read More SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
Blog

Gamaredon Uses Infected Removable Drives to Breach Western Military Mission in Ukraine

The Russia-linked threat actor known as Gamaredon (aka Shuckworm) has been attributed to a cyber attack targeting a foreign military mission based in Ukraine with an aim to deliver an updated version of a known malware called GammaSteel. The group targeted the military mission of a Western country, per the Symantec Threat Hunter team, with…

Read More Gamaredon Uses Infected Removable Drives to Breach Western Military Mission in Ukraine
Blog

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks. “Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE),” EclecticIQ researcher Arda Büyükkaya said in an analysis published today. Targets of the campaign

Read More China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

Related