CYFIRMA Research
Cyber defenders, listen up! The CYFIRMA Research podcast has some juicy intel on the latest cyber threats that are lurking in the shadows. Tune in to this security briefing to stay on top of emerging threats and be ready to tackle digital risk like never before.
Episodes
321 episodes
CYFIRMA Research: Converging Threat Vectors: Escalating Cyber Risk and Strategic Exposure in Saudi Arabia’s Digital Ecosystem (2025–2026)
Saudi Arabia’s digital ecosystem is facing a convergence of escalating cyber risks.Our latest threat landscape assessment highlights:🔹 Intensified state-aligned espionage targeting Saudi Arabia 🔹 Ransomware operat...
CYFIRMA Research: Hong Kong Cyber Threat Landscape
Hong Kong Cyber Threat Landscape 2025–26CYFIRMA's latest intelligence assessment reveals a sharp rise in ransomware, state-aligned espionage, cloud abuse, and data-theft operations targeting Hong Kong.Ransomware groups lik...
CYFIRMA Research: An Income Tax Assessment Notice Phishing Campaign Delivering Malware
Fake Income Tax Notice Delivers RAT MalwareCYFIRMA has identified a sophisticated malware distribution campaign leveraging a fraudulent Indian Income Tax Department assessment notice to infect users with a Remote Access Trojan (R...
CYFIRMA Research: Microsoft Teams-Themed Remote Access Phishing Campaign
An active phishing campaign is leveraging Microsoft Teams-themed lures to distribute legitimate remote access software configured for unauthorized access. The campaign highlights a growing trend in cybercrime operations: leveraging...
CYFIRMA Research: Exploitation of Model Context Protocol in Agentic AI Deployments
CYFIRMA's latest research documents how adversaries are exploiting the Model Context Protocol, the integration standard now embedded in Claude, Copilot, Cursor, VS Code, and hundreds of enterprise AI platforms, to turn AI agents into autonomous...
CYFIRMA Research: New NPM Supply Chain Campaign Identified- A Multi-Stage Cryptocurrency Malware with More Than 2.7 million Downloads
Alert : Major NPM Supply Chain Attack Exposed: 2.7M+ Downloads ImpactedCYFIRMA Researchers identified 11 malicious npm packages targeting blockchain and Web3 developers, highlighting the growing risks within the open-source software sup...
CYFIRMA Research: Cyber Threats Surrounding the FIFA World Cup 2026
48 teams3 host nations.Billions of viewersAnd a cyber-attack surface unlike anything seen before.As global anticipation for the FIFA World Cup 2026 grows, so does cybercriminal interest. Our assessment identified FIFA-th...
CYFIRMA Research: Tracking Ransomware- May 2026
CYFIRMA Healthcare Industry Report | Q2 2026 | Overall industry risk: 6.9 / 10 - ELEVATED90 days of telemetry. 5 threat categories. Here is what the numbers say about the healthcare sector this quarter.Ransomware across the peri...
CYFIRMA Research: Operation TaxShadow- Multi-Region Tax Phishing & In-Memory Malware Campaign
Threat Research: Operation Tax ShadowExplore CYFIRMA's latest report regarding a tax-themed phishing campaign impersonating government tax authorities across multiple countries.• Multi-stage malware delivery via ZIP archive&...
CYFIRMA Research: Kenya Cyber Threat Landscape
Kenya’s cyber threat landscape is intensifying.The latest CYFIRMA report reveals a surge in ransomware activity, credential leaks, dark web data trading, website defacements, and attacks targeting government, finance, telecom, and criti...
CYFIRMA Research: CVE-2026-34197- Jolokia Exposure Enables RCE in Apache ActiveMQ
The CYFIRMA Research team has identified key security insights related to CVE-2026-34197, a high-severity remote code execution vulnerability affecting Apache ActiveMQ Classic deployments.The vulnerability arises from exposure of the Jo...
CYFIRMA Research: China Threat Landscape
China’s cyber threat landscape is evolving faster than ever — and the implications go far beyond its borders.Our latest threat intelligence report 2025 – 2026 highlights a convergence of ransomware, state-sponsored espionage, and system...
CYFIRMA Research: Weaponization of Indian Student Data- An Ecosystem for Phishing, Social Engineering, and Financial Fraud
The increasing digitalization of India’s education sector has created a growing attack surface for cybercriminals targeting student-related data. Our latest threat intelligence assessment explores how exposed or misused student information is b...
CYFIRMA Research: South Korea Threat Landscape Report
South Korea isn't just facing high-frequency cyberattacks, it’s navigating a highly professionalized exploitation pipeline.Regional APTs, RaaS affiliates, and initial access brokers aren't operating in silos; they are stakeholders in a ...
CYFIRMA Research: Tracking Ransomware- April 2026
CYFIRMA – April 2026 Ransomware Threat Intelligence BriefingRansomware activity reached 801 global incidents in April 2026, marking the highest April total in recent years and reinforcing the continued expansion of ransomware-as-a-servi...
CYFIRMA Research: Operation SilentCanvas – JPEG-Based Multi-Stage PowerShell Intrusion
Operation SilentCanvas – JPEG-Based Multi-Stage PowerShell IntrusionCYFIRMA Research conducted an in-depth technical investigation into a sophisticated multi-stage intrusion campaign leveraging a weaponized PowerShell payload disguised a...
CYFIRMA Research: Abuse of Cloud-Native Infrastructure in Modern Phishing Campaigns
New Research: Trusted Infrastructure Phishing — The Attack That Lives Inside Your Security StackMost phishing starts outside your perimeter. This one starts inside it. Trusted Infrastructure Phishing (TIP) is a threat class in whi...
CYFIRMA Research: Malaysia Threat Landscape Report
Malaysia isn’t just seeing cyber threats - it’s seeing a structured cyber economy take shape.Ransomware groups, data brokers, and access sellers are all operating across the same ecosystem.Manufacturing, government, and service ...
CYFIRMA Research: Taiwan Cyber Threat Landscape 2026
Taiwan Cyber Threat Landscape 2026Taiwan remains at the forefront of global cyber conflict—driven by its semiconductor dominance, strategic geopolitical position, and deep international partnerships.🔹 Relentless Pressure: ~2.63M dai...
CYFIRMA Research: Singapore Threat Landscape
Singapore’s position as a global financial, technological, and connectivity hub continues to attract sophisticated cyber threats from both state-sponsored actors and financially motivated cybercriminal groups.Key Threat Actors Identi...
CYFIRMA Research: Philippines Evolving Cyber Threat Landscape 2025-2026
Stay ahead with CYFIRMA’s Philippines Evolving Cyber Threat Landscape 2025–2026 Report.The Philippines is facing a sharp escalation in AI-driven and automated cyber threats. Q3 2025 recorded over 52 million exposed credentials, while ra...
CYFIRMA Research: KYCShadow: An Android Banking Malware Exploiting Fake KYC Workflows for Credential and OTP Theft
KYCShadow: Mobile Threat Alert – Android Banking Malware CampaignCYFIRMA Research has identified a sophisticated Android malware campaign distributed via WhatsApp, impersonating Bank KYC and e-Challan services to compromise finan...
CYFIRMA Research: Operation PhantomCLR- Stealth Execution via AppDomain Hijacking and In-Memory .NET Abuse
Operation PhantomCLROur latest research uncovers a highly sophisticated post-exploitation framework that represents a significant shift in modern attacker tradecraft. The campaign leverages .NET AppDomainManager hijacking to abus...
CYFIRMA Research: Silent Crypto Wallet Takeover- Unlimited USDT Approval Exploitation via Trust Wallet QR Code Phishing
CYFIRMA Research has identified an active crypto drainer campaign targeting Trust Wallet users through QR code phishing distributed via Telegram channels. The attack leverages deep link abuse and deceptive transaction flows to gain persistent a...
CYFIRMA Research: CVE-2026-1492 WordPress User Registration & Membership Authentication Bypass Flaw
The CYFIRMA Research team has identified critical security insights related to CVE-2026-1492, a high-severity authentication bypass and privilege escalation vulnerability affecting the WordPress User Registration & Membership plugin.