CyberseerNet

A new Tropic Trooper campaign abuses trojanised apps, VS Code tunnels & GitHub‑based C2 to stay hidden. When attackers blend into trusted tools early detection depends on continuous monitoring, not signatures alone. 🔗 eu1.hubs.ly/H0vj1vw0 #ThreatIntel #SOC #MDR #CyberSecurity

DFIR Report details how EtherRAT and TukTuk C2 activity ultimately led to Gentleman ransomware deployment. A clear example of how early‑stage malware, if missed, can quickly escalate into major business disruption. 🔗 eu1.hubs.ly/H0vzj7M0 #ThreatIntel #Ransomware #SOC

Attackers are moving faster and blending in. The @CrowdStrike 2026 Global Threat Report, shared by your CrowdStrike partner, breaks down what this means for defenders. 🔗 eu1.hubs.ly/H0vzmHG0 #ThreatIntelligence #CyberResilience #CISO

TeamPCP & BreachForums reportedly launch a $1,000 Monero contest targeting open‑source supply chains. Low cost. High impact. Real‑world risk. 👉 eu1.hubs.ly/H0vzjjY0 #CyberSecurity #SupplyChainSecurity #ThreatIntel #OpenSource

Elastic Security Labs detail how attackers can quietly abuse vaulted secrets & credentials to persist in cloud environments. A reminder that identity & secrets management failures often drive the biggest breaches. 🔗 eu1.hubs.ly/H0vzmJw0 #CloudSecurity #IdentitySecurity #SOC

As a CrowdStrike partner, we recommend the 2026 Global Threat Report. A clear view of how attackers exploit the gap between detection and response. Minutes matter. 🔗 eu1.hubs.ly/H0vj2HJ0 #CrowdStrikePartner #SOC #MDR

CrowdStrike outlines how organisations can defend against Cordial Spider & Snarky Spider by reducing attacker dwell time and preventing lateral movement with proactive endpoint protection. 🔗 eu1.hubs.ly/H0vhTT00 #ThreatIntel #EndpointSecurity #CyberResilience #SOC

@Darktrace 👉 Reserve your place darktrace.com/webinar/defens…

AI agents are powerful + fast becoming a new attack surface? ⚡ We’re partnering with @Darktrace to explore what effective defence in depth looks like for the age of AI 🛡️ Defence in Depth for the Age of AI 📅 May 27 | 12pm BST 👇 Secure your spot #AIsecurity #CyberSecurity

Researchers have uncovered 73 malicious, cloned VS Code extensions distributing GlassWorm v2, a cross‑IDE malware capable of stealing credentials & persisting across dev environments. 🔗 eu1.hubs.ly/H0vhRtl0 #ThreatIntel #SupplyChainSecurity #SOC

@Google Cloud Threat Intelligence breaks down UNC6692, a threat actor using social engineering paired with custom malware to gain footholds in target environments. People remain a prime attack vector. 🔗 eu1.hubs.ly/H0vhQyx0 #ThreatIntel #SocialEngineering #CyberSecurity #SOC

🔗 cyberseer.net/crowdstrike-20…

Proud CrowdStrike partner sharing the 2026 Global Threat Report. Faster breakout times, AI‑enabled attacks, and growing cloud & identity abuse show why speed now defines cyber resilience. 🔗 eu1.hubs.ly/H0vj3p30 #CrowdStrike #ThreatIntel #CyberSecurity

CISA has issued an alert on a supply‑chain compromise impacting the Axios Node Package Manager. A timely reminder to review dependency trust and monitoring controls. 🔗 eu1.hubs.ly/H0vhQp50 #CyberSecurity #SupplyChainSecurity #AppSec #SOC

Dataminr flags an unprecedented ransomware model: Vect + BreachForums + TeamPCP. Supply‑chain‑sourced credentials + mass affiliate mobilisation = #ransomware at industrial scale. Initial access is cheap. Monetisation is fast. 🔗eu1.hubs.ly/H0tSfcv0 #ThreatIntel #SecOps

Vercel discloses an April 2026 incident tied to a compromised third‑party AI tool. No npm supply‑chain impact, but env vars were exposed — proof that identity + third‑party failures escalate fast. Rotate creds. Enforce MFA. 🔗 eu1.hubs.ly/H0tS8dv0 #CloudSecurity #SecOps

Google now penalises “back button hijacking” as malicious. For security teams, this isn’t just UX — the same browser manipulation techniques appear in phishing funnels and malvertising. Deceptive web behaviour = security signal. 🔗 eu1.hubs.ly/H0tS6JG0 #CyberSecurity

Second Windows Defender zero‑day dropped just hours after the last patch. “RedSun” lets low‑priv access jump straight to SYSTEM by abusing Defender itself. This is why SOCs focus on post‑exploitation, not just prevention eu1.hubs.ly/H0tS85Q0 #ThreatDetection #CyberSecurity

A screensaver isn’t just cosmetic Our SOC analysed a multi‑stage RAT using a malicious .scr file, curl + 7zip, and stealthy persistence to stay hidden. Detection came down to behaviour, not signatures 👇 eu1.hubs.ly/H0tQqXv0 #Cyberseer - Redsquid #SOC #ThreatDetection #RAT

Supply‑chain attacks don’t look suspicious. They look normal. CPUID was compromised, pushing malware via legitimate CPU‑Z & HWMonitor installers. ➤ Trusted ≠ safe ➤ Monitor behaviour post‑install ➤ Detect fast, contain faster Read 👇 eu1.hubs.ly/H0ttQm10 #SupplyChain #SOC