Blog

The threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with the goal of delivering NetSupport RAT. As of October 2025, the activity has expanded to also single out Uzbekistan, Group-IB researchers Amirbek Kurbanov and Volen Kayo said in a report published in collaboration with Ukuk, a state enterprise under the

Microsoft has announced plans to improve the security of Entra ID authentication by blocking unauthorized script injection attacks starting a year from now. The update to its Content Security Policy (CSP) aims to enhance the Entra ID sign-in experience at "login.microsoftonline[.]com" by only letting scripts from trusted Microsoft domains run. "This update strengthens security and adds an extra

Etat de la menace informatique sur les équipements mobiles anssiadm mer 26/11/2025 - 10:11 L’omniprésence, l’usage systématique des smartphones et la multiplication des fonctionnalités et données qu’ils traitent en font des cibles d’intérêt pour l’acquisition de renseignements d’origine cyber. Véritables indispensables du quotidien pour des millions de Français en raison des multiples fonctionnalités qu’ils proposent, les smartphones sont par conséquent des cibles de choix pour les cybercriminels. Afin de connaître les menaces et les risques qui accompagnent leur utilisation, l’ANSSI met à disposition son état de la menace sur les équipements mobiles et partage ses recommandations de sécurité pour y faire face. Une menace grandissante et complexe à traiter Depuis 3 ans, l’ANSSI intervient de façon croissante auprès d’individus dont les téléphones mobiles sont compromis à des fins d’espionnage. En…

Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts and new scams, there’s a lot happening in the cyber world. Criminals are getting creative — using smart tricks to steal data, sound real, and hide in plain sight. But they’re not the only ones moving fast. Governments and security teams are fighting back, shutting down fake

Gainsight has disclosed that the recent suspicious activity targeting its applications has affected more customers than previously thought. The company said Salesforce initially provided a list of 3 impacted customers and that it has "expanded to a larger list" as of November 21, 2025. It did not reveal the exact number of customers who were impacted, but its CEO, Chuck Ganapathi, said "we