Adoption of new short and new long TLDs shows strong momentum, while IDN email compatibility continues to evolve across platforms.
The market for IPv4 addresses continues to experience deflationary pressures, with recent data showing a steady decline in prices across all block sizes. According to May 2025 figures from IPv4.Global by Hilco Streambank, average prices per address have been trending downward for nearly a year, with large blocks - particularly /16s - leading the descent.
The MITRE Corporation updates its list of groups on the ATT&CK page every six months, specifically in April and October each year. The Updates - April 2025 advisory listed seven new groups with corresponding lists of indicators of compromise (IoCs) listed in the References section. Take a look at specific IoC-related details for each group below.
The SideWinder advanced persistent threat (APT) group, active since 2012 and known for targeting government, military, and business entities throughout Asia, primarily Pakistan, China, Nepal, and Afghanistan, has struck once again. This time around, the threat actors updated their toolset and created new infrastructure to spread malware and control compromised systems.
Based on our Q1 2025 ranking of the most popular gTLDs and ccTLDs, the same players pretty much made the list. The .com gTLD remained in first place while the other gTLD extensions like .xyz, .top, and .shop lagged far behind. Among the ccTLDs, only .de made it to the top 10.
Attaxion, the external attack surface management (EASM) vendor with industry-leading asset coverage, announces the integration of the European Vulnerability Database (EUVD) into its platform.
HUMAN's Satori Threat Intelligence and Research Team recently uncovered and partially disrupted BADBOX 2.0 in collaboration with Google, Trend Micro, Shadowserver, and other partners. The threat has been dubbed "the largest botnet of infected connected TV (CTV) devices" uncovered to date.
Cisco Talos recently uncovered multiple Lotus Blossom cyber espionage campaigns targeting government, manufacturing, telecommunications, and media organizations. The group used Sagerunex and other hacking tools after compromising target networks.
Choosing an attack surface management or a vulnerability management platform often comes down to identifying which tool provides the right mix of visibility, automation, and precision that matches your team's needs, ideally at as low a price as possible.
Symantec recently reported that a China-based threat actor who has been involved in installing backdoors in the systems of target government institutions (i.e., cyber espionage) has turned toward spreading RA World ransomware (i.e., a cybercriminal act) this time. Going from one act to the other is not usual for attackers.