Security Professional, Cyber Intelligence Principal @Netskope, Creator of the Cyber Attacks Timelines @ http://hackmageddon.com. Posts are my own!
Threat actors continue to exploit #vulnerabilities in #security appliances, such as #firewalls and #VPN concentrators, to gain initial access. Not only #zerodays disclosed in 2025, but also old vulnerabilities remediated years ago, but left unpatched
https://www.hackmageddon.com/2025/10/07/cves-targeting-remote-access-technologies-in-2025/
The Netskope Threat Labs Report for #Retail 2025 is out! đĸ
âī¸ 95% of organizations use #genAI apps
âī¸ 57% of DLP violations are for regulated data
âī¸ 81% #chatGPT is the most used genAI app
âī¸ 11% of #malware downloads come from OneDrive
https://www.netskope.com/resources/threat-labs-reports/threat-labs-report-retail-2025
The 1-15 March 2025 #cyberattacks timeline is out with 116 events, a #threat landscape dominated by #malware and #ransomware, and the confirmation that #phishing emails and #vulnerabilities are the main initial access vectors
https://www.hackmageddon.com/2025/09/05/1-15-march-2025-cyber-attacks-timeline/
The Netskope Threat Labs Report for Australia đĻđē is out! đŖ
âī¸ 9.9% of #malware come from GitHub
âī¸ Google most impersonated brand for #phishing
âī¸ 87% of organizations use #genAI apps
âī¸ 42% of data policy violations concern Intellectual property
https://netskope.com/resources/threat-labs-reports/threat-labs-report-australia-2025
The @Netskope Threat Labs Report focused on #ShadowAI and #AgenticAI is out!
âī¸ 89% of orgs use at least one #genAI app
âī¸ 7.6% of people use at least one app
âī¸ 7 apps are used in the typical org
âī¸ 8.2GB of data is uploaded on average to genAI apps
After the timelines, here we go with the #cyberattacks statistics for February 2025 where I analyzed 231 events, in a #threat landscape where the majority of #attacks were driven by #cybercrime, carried out via #malware, and initiated through #phishing.
https://www.hackmageddon.com/2025/08/07/february-2025-cyber-attacks-statistics/
The 16-28 February 2025 #Cyberattacks timeline is out with 167 events and a #threat landscape dominated by #malware and #ransomware.
In terms of initial access #phishing and exploitation of #vulnerabilities remain the preferred weapons of threat actors.
https://www.hackmageddon.com/2025/08/05/16-28-february-2025-cyber-attacks-timeline/
After the September 2024 campaign, Netskope Threat Labs discovered a new version of the XWorm #malware, introducing new features such as process protection and enhanced anti-analysis capabilities.
https://www.netskope.com/blog/xworm-v6-0-enhanced-malware-protection-and-stealthy-delivery
Against all odds, I continue to (not so) regularly update my blog hackmageddon.com. I have been quite busy lately, but hope to catch up during the Summer break.
In the meantime enjoy the 1-15 February 2025 #cyberattacks timeline
https://www.hackmageddon.com/2025/07/23/1-15-february-2025-cyber-attacks-timeline/
Netskope Threat Labs has discovered a campaign from the Silver Fox threat actor, using fake installers disguised as legitimate software, including WPS Office, Sogou, and DeepSeek, to deliver the Sainbox RAT and Hidden #rootkit to Chinese-speaker users.
https://www.netskope.com/blog/deepseek-deception-sainbox-rat-hidden-rootkit-delivery
The #cyberattacks timeline for January 2025 is out with 216 events dominated by #cybercrime. #Malware and #Ransomware led the attack techniques, and once again #phishing emails led the initial access vectors.
https://www.hackmageddon.com/2025/06/13/january-2025-cyber-attacks-statistics/
The @Netskope Threat Labs Report #Brazil 2025 is out! đ§đˇ
đ¨ī¸ #OneDrive most abused #cloud app for #malware
đ¨ī¸ #Microsoft most impersonated brand for #phishing
đ¨ī¸ 62% of policy violations concern regulated data
đ¨ī¸ 96% of organizations use #genAI apps
https://www.netskope.com/resources/threat-labs-reports/brazil-2025
The 16-30 January #cyberattacks timeline is out with 107 events and a #threat landscape dominated by #malware and #ransomware. #phishing emails continued to lead the initial access techniques.
https://www.hackmageddon.com/2025/06/04/16-30-january-cyber-attacks-timeline/
#Threat actors continue to exploit legitimate #cloud apps. In this campaign discovered by the Netskope Threat Labs, targeting Navy Federal Credit Union customers, #phishing pages are hosted on Glitch, and Telegram is abused to exfiltrate credentials and bypass MFA.
The @Netskope Threat Labs for Europe 2025 đĒđē is out!
đŠī¸ #GitHub is the top #cloud app for #malware downloads (16%)
đŠī¸ Adobe is the most impersonated brand for #phishing (29%)
đŠī¸ 57% of #DLP violations concern regulated data
đŠī¸ 91% of orgs use #GenAI apps
https://www.netskope.com/resources/threat-labs-reports/europe-2025
One of the most surprising trends from the Netskope Cloud and Threat Report 2025 is that #GitHub has surpassed Microsoft #OneDrive as the most exploited #cloud app for delivering #malware.
I summarised the findings in a blog post for Infosec Magazine.
https://www.infosecurity-magazine.com/opinions/current-cloud-threat-landscape/
The Netskope Threat Labs Report for #Healthcare 2025 is out!
âī¸ 13% of #malware downloads come from GitHub
âī¸ 88% of organizations use #genAI apps
âī¸ #ChatGPT is the most used app with 81%
âī¸ 81% of data policy violations are related to regulated data
https://www.netskope.com/resources/threat-labs-reports/threat-labs-report-healthcare-2025
The 1-15 January 2025 #cyberattacks timeline is out!
đ #cybercrime dominated the #threat landscape
đ #malware was the top attack vector the #threat landscape
đ #phishing emails were the main initial access vector.
https://www.hackmageddon.com/2025/05/06/1-15-january-2025-cyber-attacks-timeline/
The #cyberattacks statistics for Q4 2024 are out!
đ #Cybercrime accounted for 70% of the events
đ #Malware continued to lead the Attack Techniques chart with 28%
đ #Phishing led the Initial Attack Vectors with 17%
https://www.hackmageddon.com/2025/04/24/q4-2024-cyber-attacks-statistics/
The #cyberattacks statistics for December 2024 are out! (Better late than never...).
đ #Cybercrime continued to lead the Motivations
đ #Malware led the Attack Techniques
đ #Phishing Emails led the Initial Access
https://hackmageddon.com/2025/04/22/december-2024-cyber-attacks-statistics/
