Home

Red Sky® Alliance has been serving information security professionals for over twelve years. We invite businesses and organizations, from enterprises to small businesses, to learn more about cyber threats and how to avoid them. We provide TLP White and Green cyber threat reporting for targeted industry segments, international reports, and malware/bot analyses.

A privately held USA-owned cyber threat intelligence firm that delivers proprietary cyber threat intelligence datasets and services. Our company provides insightful, actionable intelligence in formats best suited to your strategic, operational, and tactical needs.

 

Let us better prepare you and your team for new cyber threats.

Redskyalliance.org offers free access to all, and no salesperson will call.

TRENDING

Microsoft 365 Security Problems

Posted by Jim McKee on March 30, 2026 at 12:00pm

31125377479?profile=RESIZE_400x Across boardrooms and IT departments, a dangerous assumption continues to grow because data resides in Microsoft 365 and Azure it is automatically secure.  This belief is fundamentally flawed and creates a false sense of protection that masks real exposure, turning what should be a strategic cloud advantage into a ticking time bomb quietly building risk inside the organization’s own…

Read more…

If Deep Fakes Become Real – the Liar’s Dividend

Posted by Bill Schenkelberg on March 30, 2026 at 8:00am

31122247857?profile=RESIZE_400x Since US and Israeli strikes began against Iranian military and nuclear infrastructure in late February, two wars have been running simultaneously. One is kinetic.  The other involves something the world has not fully reckoned with: the systematic use of artificial intelligence to manufacture reality, at scale, in real time, during active armed conflict.…

Read more…

New Tricky Ghost

Posted by Bill Schenkelberg on March 27, 2026 at 8:59am

31122221664?profile=RESIZE_400x Cybersecurity researchers have spotted a sneaky new trick used by hackers to compromise developers’ computers.  This latest threat, which first appeared at the beginning of February 2026, involves malicious code hidden inside npm packages, which programmers use to create apps.  According to researchers at ReversingLabs, this specific attack, dubbed the Ghost campaign, tricks users into…

Read more…

LiteLLM  PYTHON 

Posted by CyberDog on March 26, 2026 at 1:37pm

31111049692?profile=RESIZE_400x On 24 March 2026, two versions of the litellm Python package on PyPI were found to contain malicious code.  The packages (versions 1.82.7 and 1.82.8) were published by a threat actor known as TeamPCP after they obtained the maintainer's PyPI credentials through a prior compromise of Trivy, an open source security scanner used in litellm's CI/CD pipeline.

The malicious versions…

Read more…

Meta & Google Social Media Lawsuit

Posted by Bill Schenkelberg on March 26, 2026 at 12:05pm

31106415655?profile=RESIZE_400x A US federal jury in Los Angeles on 25 March 2026 found Meta and Google liable in a closely watched trial accusing social media platforms of designing their products to get young users addicted, awarding the plaintiff $3 million in damages.  Meta was ordered to pay 70% of the awarded compensatory damages, while Google is responsible for the rest.  The verdict came after nine days,…

Read more…

New Malware for Sale

Posted by Jim McKee on March 25, 2026 at 12:00pm

31105893695?profile=RESIZE_400x A cyber-criminal is attempting to sell a zero-day exploit targeting a Windows Remote Desktop Services (RDS) privilege escalation vulnerability for US$220,000 on a cybercrime forum.  The listing, identified by threat intelligence analysts, highlights the rapid commercialization of critical vulnerabilities within the criminal underground.  The sale was posted by a user registered under…

Read more…

DarkSword Steals on iPhones

Posted by Bill Schenkelberg on March 25, 2026 at 8:10am

31105851698?profile=RESIZE_400x A new iOS exploit chain and payload called ‘DarkSword’ is stealing sensitive personal information from iPhones running iOS 18.4 to 18.7.  The toolkit is linked to multiple threat actors, including Russian-aligned UNC6353, who previously leveraged a similar exploit chain called Coruna. DarkSword was subsequently uncovered while various researchers analyzed Coruna’s…

Read more…

CanisterWorm

Posted by Bill Schenkelberg on March 25, 2026 at 8:00am

31105907494?profile=RESIZE_400x A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language.

Experts say the wiper campaign against Iran materialized this past weekend and came from a relatively…

Read more…

REDXRAY

CLICK HERE FOR MORE INFORMATION

In the News

2023 REDSHORTS

REDSHORT Webinars

Please Join our REDSHORT webinars. 'RED' as something important from Red Sky Alliance, and 'SHORT' in 10 minutes or less weekly. We will cover highlights of trending topics.

REGISTER HERE

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Comments are closed.

Comments

This reply was deleted.

Red Sky Alliance

For more information about Red Sky Alliance, follow the link, ABOUT