Triad Situation Report
Your Essential Cybersecurity Update

By Mike McLaughlin | September 28, 2025

Welcome to the Triad Situation Report, your trusted source for the latest cybersecurity and compliance news. In this edition, we bring you crucial updates on emerging cyber threats, including data breaches, phishing schemes, and sophisticated malware campaigns. Stay informed and take proactive steps to protect your business from evolving cyber risks.

Researchers Expose SVG and PureRAT Phishing Threats

A phishing campaign is abusing SVG (Scalable Vector Graphics) files to impersonate Ukrainian government agencies. Victims are lured into opening a password-protected ZIP that hides a malicious CHM file deploying CountLoader, which then drops payloads such as Amatera Stealer, PureMiner, and PureRAT—targeting Ukraine and Vietnam.

State-Sponsored Hackers Exploiting Libraesva ESG Vulnerability

Suspected nation-state actors are exploiting a command-injection flaw (CVE-2025-59689) in Libraesva Email Security Gateway (ESG). Crafted compressed email attachments trigger remote code execution as a non-privileged user. Libraesva has patched versions 5.5.7 and earlier after confirming active attacks.

Brickstorm Malware Used to Steal U.S. Organizations’ Data for Over a Year

Google’s Threat Intelligence Group uncovered that Chinese-linked hackers (UNC5221) used a malware variant called Brickstorm to infiltrate U.S. tech, legal, SaaS, and BPO companies for an average of 393 days, exfiltrating sensitive data and moving laterally across networks undetected.

New EDR-Freeze Tool Uses Windows WER to Suspend Security Software

A new proof-of-concept EDR-Freeze tool exploits Windows Error Reporting (WER) to pause or disable endpoint detection and response software. This technique—already adopted by ransomware gangs—lets malicious payloads run with minimal resistance.

European Airports Still Dealing with Disruptions Days After Ransomware Attack

A ransomware attack on Collins Aerospace’s MUSE platform disrupted check-in and boarding systems at major European airports—including Heathrow, Berlin Brandenburg, Brussels, and Dublin—causing multi-day delays and forcing airlines to switch to manual operations.

How Triad InfoSec Can Assist Your Business:

Navigating the complexities of cybersecurity compliance can be challenging. Triad InfoSec is dedicated to helping businesses prepare for CMMC audits, ensuring compliance, and optimizing cybersecurity strategies. Our services include:

  • CMMC Audit Preparation: Guiding your organization through the necessary steps to achieve CMMC certification.
  • MSP Partnerships: Collaborating with Managed Service Providers to ensure your business remains compliant while reducing cyber insurance premiums.
  • Comprehensive Cybersecurity Solutions: Offering a range of services tailored to meet all your cybersecurity needs.

Partner with Triad InfoSec to secure your business’s future
