Threat Intelligence
Recent CVEs, active exploitation campaigns, threat actor TTPs, IOC analysis.
Modern Phishing Kits: Tycoon, Greatness, EvilProxy, Mamba 2FA
Phishing-as-a-Service kits dominate 2024-26 attacks against Indian fintech and BFSI. Tycoon, Greatness, EvilProxy / Caffeine, Mamba 2FA, Robin Banks. IoCs to monitor,…
Security Guides
SharePoint CVE-2024-38094: Why On-Prem SharePoint Stays a Target
SharePoint Server's recent CVE roster — 2019-0604, 2023-29357 chain, 2024-38094 — shows the on-prem attack surface persists. Detection, mitigation, and the migration…
Red Teaming
CitrixBleed (CVE-2023-4966): Why Patching Wasn’t Enough
CitrixBleed leaked active session tokens that survived patching — post-patch session hijacking persisted for weeks. The bug, IoCs, the required session-termination playbook,…
Security Guides
MOVEit Transfer (CVE-2023-34362): The Cl0p Mass Exploitation Story
Cl0p exploited MOVEit Transfer's SQLi as a zero-day, compromising 2,000+ organisations including Indian-market third parties. The vulnerability, why it spread so far,…
Red Teaming
Ivanti Connect Secure 2024 CVEs: Mass Exploitation and Lessons
CVE-2023-46805 + CVE-2024-21887 chained for unauthenticated RCE on Ivanti VPN. Mass-exploited within hours by nation-state and ransomware actors. IoCs, the 7-step IR…
Red Teaming
Fortinet FortiGate CVEs: The Edge-Device Attack Surface Pattern
Fortinet's recent CVE history (2022-40684, XORtigate, 2024-21762, FortiManager 23113 / 47575) shows the structural risk of edge devices. IoCs, mitigation pattern, and…
Security Guides
Confluence CVE-2023-22515 / 22518: When Internal Wikis Become Ransomware Targets
Two Atlassian Confluence CVEs in late 2023 enabled mass-exploitation by ransomware operators. Bug walkthrough, IoCs, mitigation, and the migration question for Confluence…
Security Guides
Indian Phishing in 2026: SMS, Vishing, and UPI Scams
The Indian phishing landscape has distinct shapes — SMS-led, mobile-first, UPI-integrated. Bank impersonation, KYC scams, UPI fraud patterns, vishing with AI voice…
Threat Intelligence
Spring4Shell (CVE-2022-22965): Why It’s Still Hitting Java in 2026
Spring4Shell was disclosed in March 2022. Vulnerable Spring still found in Indian enterprise audits in 2026, particularly legacy Java apps and vendor…
Threat Intelligence
Server-Side Template Injection (SSTI) in 2026: Detection and Exploitation
SSTI test methodology — canary payloads for Jinja2, Twig, Smarty, Freemarker, Velocity, ERB, Razor. Where SSTI hides (email templates, error messages, report…