
IBM X-Force

Explore the latest on critical threats, vulnerabilities and incident response to help strengthen your offensive and defensive security practices — curated by X-Force’s team of hackers, responders and researchers.

3 July 2025

News

Identifying and abusing Azure Arc for hybrid escalation and persistence

Explore how Azure Arc can be identified in environments, misconfigurations in deployment can allow for privilege escalation, an overprovisioned Service Principal can be used for code execution and ...

2 July 2025

News

Reproducing a million-dollar bug: WhatsApp CVE-2019-11932 (with AFL & Frida)

Dive into research on a double-free vulnerability, CVE-2019-11932, in an image processing library used by WhatsApp and a GIF-processing vulnerability affecting Android mobile phones.

23 June 2025

News

Hive0154 aka Mustang Panda shifts focus on Tibetan community to deploy Pubload backdoor

China-aligned threat actor Hive0154 has spread numerous phishing lures in targeted campaigns throughout 2025 to deploy the Pubload backdoor. As of May 2025, X-Force noticed these attacks targeting ...

17 June 2025

News

Becoming the trainer: Attacking ML training infrastructure

Learn more about machine learning training environments and infrastructure, as well as different attack scenarios against critical components, including cloud compute, model artifact storage and mo...

6 June 2025

Cyberattack magnet? Unyielding threats plague the industrial sector

Threat actors have been heavily targeting the industrial sector in recent years. Learn more about why this industry is being targeted and what organizations can do to protect against these cyberatt...

3 June 2025

IBM X-Force Threat Analysis: DCRat presence growing in Latin America

IBM X-Force has been monitoring phishing email campaigns from Hive0131 pretending to be The Judiciary of Colombia and using fake notifications to Colombians of criminal proceedings to deliver malwa...

2 June 2025

Weaponized SVGs: Inside a global phishing campaign targeting financial institutions

Since the start of 2025, IBM X-Force has been tracking a phishing campaign targeting financial institutions worldwide, using weaponized Scalable Vector Graphics (SVG) files to initiate multi-stage ...

20 May 2025

Oh non! Spear phishing campaign targets users in France using their leaked data, 160K+ victims

Since late March 2025, IBM Security has been closely monitoring a sophisticated spear phishing campaign designed to steal Amazon and Amazon Prime credentials and primarily targeting residents of Fr...

15 May 2025

Detecting and preventing deepfake attacks in the wild

According to the IBM Threat Intelligence Index 2025, generative AI is growing in popularity as a tool for threat actors, especially those creating deepfakes. Learn more about the dangers of deepfak...

15 May 2025

Hive0154 targeting US, Philippines, Pakistan and Taiwan in suspected espionage campaign

IBM X-Force is tracking a suspected espionage campaign activated by Hive0154, using weaponized ZIP archives to distribute Pubload and Toneshell backdoors. Learn more about the threat.

14 May 2025

Operationalizing browser exploits to bypass Windows Defender Application Control (WDAC)

Previously discovering a method for bypassing even the strictest WDAC policies by backdooring trusted Electron applications, the IBM X-Force Red team continued their research and can now bypass the...

28 April 2025

News

IBM X-Force Red releases m-Ray, an open-source mainframe vulnerability scanner

Kyri Lea and Elizabeth Christensen have developed m-Ray, an automated vulnerability scanner for IBM mainframes running the z/OS operating system.

22 April 2025

Powering up: Abusing Power Apps to compromise on-prem servers

The X-Force Red team was able to breach a hardened external perimeter and gain code execution to an on-premises SQL server, resulting in full Active Directory compromise. Learn how they did it, and...

17 April 2025

X-Force Threat Intelligence Index 2025 highlights attackers steal, and sell, user identities at scale

The 2025 X-Force Threat Intelligence Index is out, and it shows that attackers are still actively stealing and selling user identities. Learn more about that and other relevant threats.

15 April 2025

News

IBM X-Force Threat Analysis: Hive0148 observed targeting Mexico and Costa Rica

IBM X-Force observed Hive0148 spreading the Grandoreiro banking trojan to users in Mexico and Costa Rica. Learn more about this phishing and Malware-as-a-Service campaign.
