Cyber Alerts – Monthly threats and SOC insights from Pinewood

The threat landscape is evolving at lightning speed. In our latest Cyber Alerts, we highlight the key trends and threats that organizations need to be aware of right now:

1. Increasing misuse of OAuth. Attackers are rapidly exploiting legitimate OAuth login flows to take over Microsoft 365 accounts without stealing passwords or MFA.
2. Malware targeting hypervisors. In 2025, a significant portion of lateral movements in ransomware attacks shifted to the hypervisor layer. Data shows that the proportion of incidents in which the hypervisor itself is exploited jumped from approximately 3% to 25% in 2025.
3. Dangers of Al prompt injection. Prompt injection is an attack technique in which a malicious actor adds hidden instructions to input (such as text, documents, or emails) to manipulate an AI model or agent into performing unwanted actions.
4. Proliferation of malicious extensions. Extensions for browsers and development environments pose a persistent security problem: attackers sometimes place legitimate-looking add-ons in official stores for years, only to add unwanted malicious functions via automatic updates later.

Download our Cyber Alerts now and stay up to date on the most current threats.

Download the report