Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or C&C) communications.

Webworm, first publicly documented by Broadcom-owned Symantec in September 2022, is assessed to be active since at least 2022, targeting government agencies

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances

ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access…

Uncategorized June 9, 2026

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known…

Uncategorized June 6, 2026

New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of…

Core Offerings arrow_forward

Expert Teams arrow_forward

Why Cypro arrow_forward

Expert Advisory arrow_forward

About Us arrow_forward

Work With Us arrow_forward

Insights arrow_forward

Learning arrow_forward