Threats

CVE-2025-24813 Detection: Apache Tomcat RCE Vulnerability Actively Exploited in the Wild

A newly revealed RCE vulnerability in Apache Tomcat is under active exploitation, just 30 hours after its public disclosure and the release of a PoC. The successful exploitation of CVE-2025-24813 gives adversaries the green light to remotely execute code on targeted systems by leveraging unsafe deserialization. Detect CVE-2025-24813 Exploitation Attempts With the sharp increase in […]

The post CVE-2025-24813 Detection: Apache Tomcat RCE Vulnerability Actively Exploited in the Wild appeared first on SOC Prime.

Operation AkaiRyū Attacks Detection: MirrorFace China-Backed APT Group Targets Central European Diplomatic Institute Using ANEL Backdoor

According to ESET APT Activity Report Q2 2024-Q3 2024, China-linked threat groups dominate global APT campaigns, with MustangPanda responsible for 12% of activity during the observed quarters of 2024. Another nefarious China-backed APT group tracked as MirrorFace (aka Earth Kasha) has been observed expanding its geographical reach to target the diplomatic agency in the EU […]

UAC-0200 Attack Detection: Cyber-Espionage Activity Targeting Defense Industry Sector and the Armed Forces of Ukraine Using DarkCrystal RAT

The UAC-0200 hacking group resurfaces in the cyber threat arena. CERT-UA has recently identified a surge in targeted cyber-attacks both against employees of defense industry enterprises and individual members of the Armed Forces of Ukraine leveraging DarkCrystal RAT (DCRAT). Detect UAC-0200 Attacks Covered in the CERT-UA#14045 Alert Following the latest UAC-0173 attacks leveraging DARKCRYSTAL RAT […]

Medusa Ransomware Detection: The FBI, CISA & Partners Warn of Increasing Attacks by Ransomware Developers and Affiliates Against Critical Infrastructure

According to Sophos, ransomware recovery costs soared to $2.73 million in 2024, displaying a 500% rise compared to 2023 and underscoring the escalating financial toll of cyberattacks. The FBI, CISA, and MS-ISAC have recently issued a joint advisory on Medusa ransomware, which has impacted over 300 victims across critical infrastructure sectors as of February 2025. […]

CVE-2025-24201 Exploitation: Apple Fixes the WebKit Zero-Day Vulnerability Used in Sophisticated Attacks

Hot on the heels of the exploitation attempts of the medium-severity vulnerability in Espressif ESP32 Bluetooth chips, leveraged in over 1 billion devices, another security issue in a widely popular product, a cross-platform browser engine, WebKit, poses an increasing threat to organizations and individual users worldwide. Tracked as CVE-2025-24201, the newly uncovered zero-day vulnerability is […]

CVE-2025-27840: Vulnerability Exploitation in Espressif ESP32 Bluetooth Chips Can Lead to Unauthorized Access to Devices

Following the disclosure of an authorization bypass vulnerability in the Motorola Mobility Droid Razr HD (Model XT926), another major security flaw in a widely used product now threatens global organizations with unauthorized access and potential control over critical systems. The ESP32 microchip by Espressif, found in over 1 billion devices as of 2023, contains 29 […]

SOC Prime Announces Referral Program for Individual Cyber Defenders

Invite Your Peers, Get 20% Off SOC Prime Platform Solo Subscriptions At SOC Prime, we foster a strong cybersecurity community by connecting researchers, enterprises, MDR providers, and government organizations. Now, individual security researchers can unlock even more benefits of collaboration and networking through the SOC Prime referral program—sharing the platform with peers and earning exclusive […]

Uncoder: Private Non-Agentic AI for Threat-Informed Detection Engineering

SOC Prime is excited to announce a major upgrade to Uncoder AI—an industry-first integrated development environment (IDE) and co-pilot for threat-informed detection engineering. The new release introduces a robust set of features designed to enhance how detection rules are created, translated, and optimized, acting as a game-changer for security teams to stay ahead in the […]

Detect Hellcat Ransomware Attacks: New Ransomware-as-a-Service Threat Group Targeting a Variety of High-Profile Organizations Globally

Ransomware remains a top cybersecurity threat, with attack costs soaring to $2.73 million per incident, nearly $1 million higher than in 2023, according to Sophos. As ransomware operations grow in complexity, new threat groups continue to emerge, seeking massive financial gains. One such group is Hellcat, a newly identified Ransomware-as-a-Service (RaaS) threat group first spotted […]

CVE-2025-25730 Vulnerability: Authorization Bypass in Motorola Mobility Droid Razr HD (Model XT926)

Hot on the heels of the disclosure of CVE-2025-1001, a novel Medixant RadiAnt DICOM Viewer vulnerability, another security issue emerges in the cyber threat landscape. A newly identified flaw, CVE-2025-25730, affects the Mobility Droid Razr HD (Model XT926) and enables nearby unauthorized attackers to access USB debugging, potentially compromising the host device. With cyber threats […]
