Sekoia.io

Sekoia.io Vendor Cyber Rating & Cyber Score

sekoia.io

Sekoia.io is the European cybersecurity technology company, leading provider of detection and response solutions boosted by AI and Cyber Threat Intelligence. By combining threat anticipation through knowledge of attackers with automation of detection and response, the Sekoia AI SOC platform provides security teams a unified view and total control over their information systems. Its open approach and interoperability with third-party solutions enable organizations to take full advantage of their existing technologies. Sekoia.io gives its customers the means to focus their human resources on high value-added missions, optimize their cyber-defense strategy and regain the advantage against advanced cyber threats.


Sekoia.io A.I CyberSecurity Scoring

Company Information
Website: http://www.sekoia.io/en
Number of employees: 135
Number of followers: 22,937
NAICS: 541514
Industry Type: Computer and Network Security
Homepage: sekoia.io
Sekoia.io Risk Score (AI oriented)
Between 700 and 749
Sekoia.io, Computer and Network Security
Updated: 02/04/2026
Score: 723/1000 (Moderate, Ba)
Rating scale: Aaa, Aa, A, Baa, Ba, B, Caa, Ca, C
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium

Sekoia.io: Moderate
Current Score: 723 Ba (MODERATE), on a scale of 0 to 1000
2 incidents
-21 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026: 726 (Before Incident)
JUNE 2026: 726 (Before Incident)
MAY 2026: 724 (Before Incident)
APRIL 2026: 724 (Before Incident)
MARCH 2026: 723 (Before Incident)
FEBRUARY 2026: 721 (Before Incident)
JANUARY 2026: 742 (Before Incident)
Cyber Attack
30 Jan 2026, Sekoia.io
Let's Encrypt and Regway: Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure Exposed

TOXICSNAKE Malware Campaign Exploiting Fake Education Domains

721 (After Incident)
HIGH (-21)
SEKLET1769769766
Sophisticated Malware Campaign Exploits Fake Education Domains in TOXICSNAKE Operation

Security researchers have exposed an advanced traffic distribution network (TDS) that leverages deceptive education-themed domains to distribute malware and phishing attacks. Dubbed TOXICSNAKE, the operation mimics legitimate university and educational institution branding to exploit user trust, serving as an effective social engineering vector for cybercriminals running malware-as-a-service schemes.

The attack employs a multi-stage delivery mechanism, beginning with fake educational portals that execute obfuscated JavaScript when a user visits. The first-stage loader decodes a remote URL, injects malicious code, and sets a one-time execution flag in browser storage to evade repeated detections. Researchers at Macs-Hit traced the infrastructure after analyzing a JavaScript loader from toxicsnake-wifes[.]com, a TDS node that routes victims to different payloads based on location, device, and browser data. While second-stage payloads faced HTTP 504 errors during analysis, suggesting inactive or blocked upstream infrastructure, the campaign appears to be part of a coordinated cluster of domains sharing identical operational patterns. Related domains include pasangiklan[.]top, asangiklan[.]top, ourasolid[.]com, refanprediction[.]shop, and xelesex[.]top, all using education-themed branding and similar infrastructure.

The operation relies on bulletproof hosting from HZ Hosting Ltd (ASN AS202015), known for permissive abuse policies. Domains are registered with disposable WHOIS data and use Regway nameservers, a tactic common among CIS-region cybercriminals. All domains resolve to IPs within the 185.33.84.0/23 netblock, with each assigned a dedicated IP to evade broad blocking. To further evade detection, attackers use Let’s Encrypt TLS certificates (valid for 90 days) for rapid domain rotation. The obfuscated JavaScript loader also employs tokenization to generate unique session IDs, ensuring security sandboxes receive benign content while real victims are served malicious payloads.
INCIDENT DETAILS
TYPE: Malware Campaign
MOTIVATION: Malware-as-a-service, financial gain
DECEMBER 2025: 741 (Before Incident)
NOVEMBER 2025: 741 (Before Incident)
OCTOBER 2025: 741 (Before Incident)
SEPTEMBER 2025: 740 (Before Incident)
AUGUST 2025: 740 (Before Incident)
SEPTEMBER 2024: 751 (Before Incident)
Cyber Attack
01 Sep 2024, Sekoia.io
Sekoia

Evolution of Quad7 Botnet Targets SOHO Devices

734 (After Incident)
CRITICAL (-17)
SEK000091524
Sekoia uncovered the evolution of the Quad7 botnet, which now targets new SOHO devices with stealthier tactics to evade detection. The botnet has compromised various routers and VPN appliances by exploiting vulnerabilities, some of which were previously unknown. The Quad7 operators have refined their methods, transitioning from open SOCKS proxies to using the KCP protocol over UDP for communication to further conceal their activities. Despite no direct reports of data compromise, the botnet's capacity for distributed brute-force attacks presents significant risks, including potential unauthorized access to Microsoft 365 accounts and control over infected devices possibly leading to data breaches or other serious security incidents in the future.
INCIDENT DETAILS
TYPE: Botnet
MOTIVATION: Unauthorized access, Data breaches
IMPACT: Routers, VPN appliances
