3 July 2025
News
Explore how Azure Arc can be identified in environments, misconfigurations in deployment can allow for privilege escalation, an overprovisioned Service Principal can be used for code execution and ...
2 July 2025
News
Dive into research on a double-free vulnerability, CVE-2019-11932, in an image processing library used by WhatsApp and a GIF-processing vulnerability affecting Android mobile phones.
23 June 2025
News
China-aligned threat actor Hive0154 has spread numerous phishing lures in targeted campaigns throughout 2025 to deploy the Pubload backdoor. As of May 2025, X-Force noticed these attacks targeting ...
17 June 2025
News
Learn more about machine learning training environments and infrastructure, as well as different attack scenarios against critical components, including cloud compute, model artifact storage and mo...
6 June 2025
Threat actors have been heavily targeting the industrial sector in recent years. Learn more about why this industry is being targeted and what organizations can do to protect against these cyberatt...
3 June 2025
IBM X-Force has been monitoring phishing email campaigns from Hive0131 pretending to be The Judiciary of Colombia and using fake notifications to Colombians of criminal proceedings to deliver malwa...
2 June 2025
Since the start of 2025, IBM X-Force has been tracking a phishing campaign targeting financial institutions worldwide, using weaponized Scalable Vector Graphics (SVG) files to initiate multi-stage ...
20 May 2025
Since late March 2025, IBM Security has been closely monitoring a sophisticated spear phishing campaign designed to steal Amazon and Amazon Prime credentials and primarily targeting residents of Fr...
15 May 2025
According to the IBM Threat Intelligence Index 2025, generative AI is growing in popularity as a tool for threat actors, especially those creating deepfakes. Learn more about the dangers of deepfak...
15 May 2025
IBM X-Force is tracking a suspected espionage campaign activated by Hive0154, using weaponized ZIP archives to distribute Pubload and Toneshell backdoors. Learn more about the threat.
14 May 2025
Previously discovering a method for bypassing even the strictest WDAC policies by backdooring trusted Electron applications, the IBM X-Force Red team continued their research and can now bypass the...
28 April 2025
News
Kyri Lea and Elizabeth Christensen have developed m-Ray, an automated vulnerability scanner for IBM mainframes running the z/OS operating system.
22 April 2025
The X-Force Red team was able to breach a hardened external perimeter and gain code execution to an on-premises SQL server, resulting in full Active Directory compromise. Learn how they did it, and...
17 April 2025
The 2025 X-Force Threat Intelligence Index is out, and it shows that attackers are still actively stealing and selling user identities. Learn more about that and other relevant threats.
15 April 2025
News
IBM X-Force observed Hive0148 spreading the Grandoreiro banking trojan to users in Mexico and Costa Rica. Learn more about this phishing and Malware-as-a-Service campaign.