LevelBlue SpiderLabs’ Cyber Threat Intelligence Team continues to observe a progressive convergence between traditional cybercrime activity and attacks targeting cryptocurrency users.

This report expands LevelBlue’s ongoing investigation into a multi-stage fileless malware campaign in which a network of compromised legitimate websites redirects victims to fake CAPTCHA verification pages delivering credential-stealing payloads through a ClickFix social engineering mechanism.

Children with a vision of a huge payout from Santa Claus are not the only ones who look forward to the end of each year.

Children with a vision of a huge payout from Santa Claus are not the only ones who look forward to the end of each year.

Two critical zero-day vulnerabilities in the Microsoft SharePoint Server environment, CVE-2025-53770 (9.8 CVSS score) and CVE-2025-53771 (6.5 CVSS score), are being actively exploited by threat actors to compromise vulnerable on-premises SharePoint servers.

Trustwave SpiderLabs has assessed with high confidence that the threat group Blind Eagle, aka APT-C-36, is associated with the Russian bulletproof hosting service provider Proton66. Blind Eagle is a threat actor actively targeting organizations across Latin America, with a notable focus on Colombian financial institutions.

Trustwave SpiderLabs’ Cyber Threat Intelligence team is tracking the emergence and communication dynamics of the cybercriminal brand known as Scattered LAPSUS$ Hunters (SLH), consolidating observed activity across public platforms to provide updated insights into its structure, evolution, and operational behavior.