Research

Cyber Threat Intelligence Reports | Cybersecurity Risk Research

The latest industry news, interviews, technologies, and resources.


FINANCE Q1 I 2026 : INDUSTRY REPORT
Research 2026-01-19
FINANCE Q1 I 2026 : INDUSTRY REPORT

EXECUTIVE SUMMARY The CYFIRMA Industry Report delivers original cybersecurity insights and telemetry-driven statistics of global industries, covering one sector each week for a quarter. This report focuses on the finance…

Mamba Phishing-as-a-Service Kit: How Modern adversary-in-the-middle (AiTM) Attacks Operate
Research 2026-01-16
Mamba Phishing-as-a-Service Kit: How Modern adversary-in-the-middle (AiTM) Attacks Operate

INTRODUCTION CYFIRMA assesses that Mamba 2FA is a representative of a broader class of adversary-in-the-middle phishing frameworks that have become increasingly prevalent in cloud-centric threat activity. The observed behaviors indicate…

SOLYXIMMORTAL : PYTHON MALWARE ANALYSIS
Research 2026-01-16
SOLYXIMMORTAL : PYTHON MALWARE ANALYSIS

EXECUTIVE SUMMARY SolyxImmortal is a Python-based Windows information-stealing malware that combines credential theft, document harvesting, keystroke logging, screen surveillance, and persistence into a single, continuously running implant. The malware leverages…

APT PROFILE – KIMSUKI
Research 2026-01-13
APT PROFILE – KIMSUKI

Kimsuki, an advanced persistent threat (APT) group active since at least 2012, is suspected to be operating out of North Korea in direct support of the regime’s strategic objectives. The…

CYFIRMA ANNUAL INDUSTRIES REPORT 2025 : PART 3
Research 2026-01-12
CYFIRMA ANNUAL INDUSTRIES REPORT 2025 : PART 3

EXECUTIVE SUMMARY The CYFIRMA Industries Report provides cutting-edge cybersecurity insights and telemetry-driven statistics on global industries. Spanning the last 365 days and highlighting year-over-year changes between 2024 and 2025, this…

TRACKING RANSOMWARE : DEC 2025
Research 2026-01-09
TRACKING RANSOMWARE : DEC 2025

EXECUTIVE SUMMARY Ransomware activity in December 2025 highlights an evolution toward cartel-style, collaborative ecosystems, where initial access, persistence, encryption, and extortion are increasingly decoupled and outsourced. December recorded the highest…

Beyond MFA: Identity Abuse Through Token Interception and Consent Manipulation
Research 2026-01-08
Beyond MFA: Identity Abuse Through Token Interception and Consent Manipulation

EXECUTIVE SUMMARY Multi-Factor Authentication (MFA) has long been positioned as a definitive control against credential-based attacks. However, recent phishing campaigns demonstrate a fundamental change in how adversaries compromise user accounts.…

CYFIRMA ANNUAL INDUSTRIES REPORT 2025 : PART 2
Research 2026-01-05
CYFIRMA ANNUAL INDUSTRIES REPORT 2025 : PART 2

EXECUTIVE SUMMARY The CYFIRMA Industries Report provides cutting-edge cybersecurity insights and telemetry-driven statistics on global industries. Spanning the last 365 days and highlighting year-over-year changes between 2024 and 2025, this…

Resurgence of Scattered Lapsus$ hunters
Research 2026-01-03
Resurgence of Scattered Lapsus$ hunters

Executive Summary: Recent monitoring of underground forums and Telegram communities has identified the resurgence of the Scattered Lapsus$ collective. The actors appear to be leveraging the LizardSquad name in their…

Fortnightly Vulnerability Summary
Research 2026-01-02
Fortnightly Vulnerability Summary

Fortnightly Vulnerability Summary CHECK OUT THESE FAST FACTS ON FORTNIGHTLY OBSERVED VULNERABILITIES. Fortnight's Most Impacted Products Tenda| ChurchCRM | AVideo Increase in vulnerability compared to the previous two weeks. Fortnightly…

1 2 3 59