Research

Cyber Threat Intelligence Reports | Cybersecurity Risk Research

The latest industry news, interviews, technologies, and resources.


TRACKING RANSOMWARE : JAN 2026
Research 2026-02-12
TRACKING RANSOMWARE : JAN 2026

EXECUTIVE SUMMARY The January 2026 Ransomware Threat Report highlights a ransomware ecosystem that has matured into a highly adaptive, service-oriented criminal economy defined less by technical exploitation and more by…

APT Profile – Fancy Bear
Research 2026-02-11
APT Profile – Fancy Bear

Fancy Bear is a well-documented Russian state-sponsored threat actor that has been active since at least 2007 and is widely assessed to operate in close coordination with Russian intelligence services.…

TRANSPORT & LOGISTICS Q1 I 2026 : INDUSTRY REPORT
Research 2026-02-09
TRANSPORT & LOGISTICS Q1 I 2026 : INDUSTRY REPORT

EXECUTIVE SUMMARY The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven statistics of global industries, covering one sector each week for a quarter. This report focuses on the transportation…

LTX Stealer : Analysis of a Node.js–Based Credential Stealer
Research 2026-02-08
LTX Stealer : Analysis of a Node.js–Based Credential Stealer

EXECUTIVE SUMMARY At CYFIRMA, we analyze attacker techniques that rely on legitimate installers and user trust to enable low noise system compromise. This report presents the analysis of a Windows-based…

Re-Emerging Telegram Phishing Campaign Targeting User Authorization Prompts
Research 2026-02-07
Re-Emerging Telegram Phishing Campaign Targeting User Authorization Prompts

INTRODUCTION CYFIRMA has identified an active and evolving Telegram phishing operation that abuses Telegram’s native authentication workflows to obtain fully authorized user sessions. Unlike traditional phishing attacks that rely solely…

CVE-2026-23760 – SmarterTools SmarterMail Authentication Bypass Vulnerability
Research 2026-02-06
CVE-2026-23760 – SmarterTools SmarterMail Authentication Bypass Vulnerability

EXECUTIVE SUMMARY CVE-2026-23760 represents a severe authentication bypass vulnerability in SmarterTools SmarterMail email server software. The flaw exists in the password reset API endpoint (force-reset-password), which permits unauthenticated requests and…

ENERGY & UTILITIES Q1 I 2026 : INDUSTRY REPORT
Research 2026-02-03
ENERGY & UTILITIES Q1 I 2026 : INDUSTRY REPORT

EXECUTIVE SUMMARY The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven statistics of global industries, covering one sector each week for a quarter. This report focuses on the energy…

The Convergence of Infostealers and Ransomware : From Credential Harvesting to Rapid Extortion Chains
Research 2026-02-01
The Convergence of Infostealers and Ransomware : From Credential Harvesting to Rapid Extortion Chains

EXECUTIVE SUMMARY Ransomware activity accelerated sharply from late 2025 into early 2026, with a growing number of campaigns relying on credentials harvested by infostealers as the primary initial access vector.…

Fortnightly Vulnerability Summary
Research 2026-01-31
Fortnightly Vulnerability Summary

Fortnightly Vulnerability Summary CHECK OUT THESE FAST FACTS ON FORTNIGHTLY OBSERVED VULNERABILITIES. Fortnight's Most Impacted Products Linux | Microsoft | Fortinet Decrease in vulnerability compared to the previous two weeks.…

PlayCloak: A Play Store–Distributed Travel Utility Covertly Operating as a Financial Fraud and Cybercrime Platform
Research 2026-01-30
PlayCloak: A Play Store–Distributed Travel Utility Covertly Operating as a Financial Fraud and Cybercrime Platform

EXECUTIVE SUMMARY The Android application Hicas, publicly advertised as a Smart Travel Packing Companion, was found to operate as a region-targeted fraudulent loan platform linked to a Chinese-operated digital loan…

1 2 3 60