WithSecure™ Labs: With great research comes great responsibility

Research, development, updates and tooling you can use.

Our Publication

Read all publications

April 28, 2025

KeePass trojanised in advanced malware campaign

Don’t drop password managers (but password managers shouldn’t drop malware).

April 28, 2025

SAP NetWeaver CVE-2025-31324 Exploitation

WithSecure detected an attack that first began with the exploitation of CVE-2025-31324 in March 2025, suggesting that this vulnerability has been known to criminals and exploited for some time.

April 28, 2025

Leveraging EDR Behavioral Data for Zero-Day Vulnerability Discovery and Triage of Known Vulnerabilities

At WithSecure, we have the benefit of a comprehensive set of capabilities, allowing us to conduct research on how to better integrate our various services. One such topic has been the use of behavioral information provided by Endpoint Detection and Response (EDR) to detect potential privilege escalation vulnerabilities.

April 28, 2025

CrazyHunter: The Rising Threat of Open-Source Ransomware

A ransomware attack on the Mackay Memorial hospital in Taiwan is the latest example of a growing number of incidents revolving around publicly available, offensive tools and code that threat actors are utilizing. The ransomware encryptor used in this incident, dubbed “CrazyHunter”, was built using a ransomware builder called “Prince Ransomware” which was publicly available on GitHub. WithSecure has observed a growing number of actors employing this specific ransomware builder in ransomware attacks.

April 28, 2025

Cyber Threat Landscape – European Mid Market 2025

Tim West, WithSecure’s Director, Threat Intelligence & Outreach, takes a deep dive in to the cyber threat landscape of the European mid-market, in order to discover what we should expect over the course of this year and where the key battlegrounds will be fought in 2025.

April 28, 2025

CloudWatch Dashboard (Over)Sharing

How bugs in Amazon CloudWatch and Cognito allowed attackers to see beyond Dashboards.

Latest Threat Highlights

Discover all highlights

May 27, 2025

April 2025

The report details an increased focus on AI security risks, cloud exposures, and persistent identity vulnerabilities, highlighting the ongoing evolution of threat tactics and the importance of strong defense measures. Additionally, there was the news about the CVE program which narrowly received funding approval from the US government, ensuring its continued operation amid concerns about the stability of US-led security initiatives.

New Advisories

Find out all advisories

November 6, 2024

Synology Router Manager Reflected XSS

Featured Tools

Check out all tools

WithSecure™ Labs: With great research comes great responsibility

Our Publication

KeePass trojanised in advanced malware campaign

SAP NetWeaver CVE-2025-31324 Exploitation

Leveraging EDR Behavioral Data for Zero-Day Vulnerability Discovery and Triage of Known Vulnerabilities

CrazyHunter: The Rising Threat of Open-Source Ransomware

Cyber Threat Landscape – European Mid Market 2025

CloudWatch Dashboard (Over)Sharing

Latest Threat Highlights

April 2025

New Advisories

Prompt Injection in JetBrains Rider AI Assistant

Optimizely CMS Admin Panel DOM XSS

iOS Single App Mode Escape

Fujitsu mPollux for macOS Multiple Vulnerabilities

SQL Injection in ZTE 4G routers and modems

Mend.io cross-tenant access via vulnerable SAML implementation

Synology Router Manager Reflected XSS

Featured Tools