Ivanti Archives - Bulwark Black LLC

UAC-0050 Targets European Financial Institution in Strategic Phishing Campaign

acint2 months ago02 mins

Russia-aligned threat actor UAC-0050 has expanded operations beyond Ukraine, targeting a European financial institution involved in reconstruction efforts with a sophisticated multi-stage spear-phishing attack. Campaign Overview Security researchers at BlueVoyant have uncovered a targeted phishing campaign attributed to UAC-0050, also known as the DaVinci Group. The threat cluster, tracked by BlueVoyant as “Mercenary Akula,” has…

Physical Mail Phishing Targets Trezor and Ledger Users: Attackers Use QR Codes to Steal Recovery Phrases

acint2 months ago03 mins

A new phishing campaign is targeting cryptocurrency hardware wallet users through an unusual vector: physical mail. Threat actors are sending fake letters impersonating Trezor and Ledger security teams, attempting to trick users into surrendering their wallet recovery phrases. The Snail Mail Attack Vector Unlike traditional email phishing, these attacks arrive as physical letters printed on…

Ivanti Patches Two Critical EPMM Zero-Day Vulnerabilities Under Active Exploitation

acint3 months ago02 mins

Two critical CVSS 9.8 vulnerabilities in Ivanti Endpoint Manager Mobile (CVE-2026-1281, CVE-2026-1340) are under active exploitation, allowing unauthenticated remote code execution. CISA has added them to the KEV catalog with a February 1 federal deadline.