ReliaQuest stories
Patching alone has left some older SonicWall devices exposed to VPN attacks, with reliaQuest finding the first known in-the-wild use of CVE-2024-12802.
Corporate users can be compromised in under five minutes when attackers pose as help-desk staff in external Microsoft Teams chats, researchers say.
The attack kept retrying for hours after network blocks, as a scheduled task and Python proxy preserved access on the host.
Leak-site noise is making it harder for firms to tell real breaches from extortion theatre, as active sites hit 91 in the first quarter of 2026.
Senior staff are increasingly in the crosshairs as suspected former Black Basta affiliates use Teams impersonation to seize remote access.
Trusted software and identity sessions are now prime attack paths, with ClickFix linked to more than 44% of defence evasion incidents.
Businesses face credential theft and reinfection risks as DeepLoad hides inside trusted Windows processes and evades routine clean-up.
Corelight launches Agentic Triage, an AI-driven workflow to speed SOC investigations while exposing every step for transparent review.
Ransomware group LeakNet adopts ClickFix lures and a Deno-based fileless loader to scale attacks and evade traditional endpoint defences.
ShinyHunters shifts to subdomain-brand phishing and vishing on mobiles, bypassing domain checks to hijack SSO logins and SaaS sessions.
AI-fuelled hackers can now spread across corporate networks in as little as four minutes, outpacing human defenders by hours.
China-linked Warlock ransomware group exploits SmarterMail flaw for admin takeovers, chaining features to gain full Windows control.
Attackers are abusing Windows screensaver files in a spearphishing campaign to stealthily install remote access tools on business systems.
Ransomware gangs shrank in number but hit more victims in late 2025, with leak-site postings soaring despite fewer active groups.
Attackers are abusing LinkedIn private messages to deliver Python-based malware via booby-trapped archives, ReliaQuest has warned.
ReliaQuest warns BaoLoader and trust-based lures are surging, as attackers ditch zero-days for social engineering and valid certificates.
Storm-0249 hijacks trusted security and Windows tools to stealthily broker high-value network access for ransomware operators.
Chinese state-backed hackers mimic Microsoft Teams downloads in a false flag campaign to infect Chinese speakers and blame Russian actors.
ReliaQuest reveals identity compromises and process flaws, not zero-day exploits, drive most cloud breaches, with 99% of cloud identities still over-privileged.
Florida State University will expand AI cyber training and research after a USD $1.5 million gift from ReliaQuest to fund new student and faculty programmes.
