Investigating Curl-Based TOR Proxy Access with Uncoder AI and SentinelOne Query Language
Detecting stealthy command-line activity that may indicate dark web access or anonymized traffic is a growing challenge for security teams.…
Threats
Billbug Attack Detection: China-Linked Espionage Actors Target Southeast Asian Organizations
ESET’s Q2-Q3 2024 APT Activity Report highlights China-affiliated groups leading global APT operations, with campaigns aimed at intelligence gathering being…
Accelerating Threat Detection with Uncoder AI’s “Short AI-generated Summary”
In the world of Security Operations, speed and clarity are everything. When analysts sift through complex detection logic—especially in extensive…
Making Splunk Detection Work Faster with Uncoder AI’s Full Summary
Modern SOC teams dealing with Splunk Detections need to process large volumes of detection logic written in SPL. The challenge?…
CVE-2025-30406 Detection: Critical RCE Vulnerability in Gladinet CentreStack & Triofox Under Active Exploitation
A critical vulnerability in the widely used Gladinet CentreStack and Triofox enterprise file sharing and remote access platforms has surfaced…
CVE-2025-29824 Vulnerability: Exploitation of a Windows CLFS Zero-Day Could Trigger Ransomware Attacks
Hot on the heels of the CVE-2025-1449 disclosure, a vulnerability in Rockwell Automation software, another critical security issue affecting widely…
UAC-0226 Attack Detection: New Cyber-Espionage Campaign Targeting Ukrainian Innovation Hubs and Government Entities with GIFTEDCROOK Stealer
Throughout March 2025, defenders observed increasing cyber-espionage activity by the UAC-0219 hacking group targeting Ukrainian critical sectors WRECKSTEEL malware. In…
Seashell Blizzard Attack Detection: A Long-Running Cyber-Espionage “BadPilot” Campaign by russian-linked Hacking Group
A nefarious russia’s APT group Seashell Blizzard also known as APT44 has been waging global cyber campaigns since at least…
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL
In late March 2025, CERT-UA observed a surge in cyber-espionage operations targeting Ukraine, orchestrated by the UAC-0200 hacking group using…
CVE-2025-1449: Rockwell Automation Verve Asset Manager Vulnerability Enables Adversaries to Gain Access to Run Arbitrary Commands
Hard on the heels of the disclosure of CVE-2025-24813, a RCE flaw in Apache Tomcat actively leveraged in the wild…