KeysGuard’s latest cyber intelligence report reveals a sharp spike in global malicious activity over just two days, hitting the financial sector and critical infrastructure hard. It outlines a new exploitation wave targeting three major vulnerabilities in VMware ESXi, F5 BIG-IP, and Fortinet SSL-VPN, all exploited through automated attack tools. State-backed groups like Lazarus and APT29 are running coordinated campaigns using advanced tactics, from large-scale phishing to sophisticated OAuth token theft in cloud environments. Notably, ransomware actors are shifting toward “access mining,” quietly collecting credentials and session tokens instead of encrypting files right away. The report urges quick action: patch critical CVEs within 48 hours, review SSO logs, and enforce strict credential hygiene everywhere.
