actor

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

AndyC 19 December 2025

Dec 18, 2025Ravie LakshmananMalware / Mobile Security The North Korean threat actor known as Kimsuky has been linked to a...

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

AndyC 18 December 2025

Dec 17, 2025Ravie LakshmananEmail Security / Threat Intelligence The Russian state-sponsored threat actor known as APT28 has been attributed to...

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

AndyC 18 December 2025

Dec 17, 2025Ravie LakshmananVulnerability / Malware The threat actor linked to Operation ForumTroll has been attributed to a fresh set...

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

AndyC 18 December 2025

The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as...

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

AndyC 10 December 2025

Dec 09, 2025Ravie LakshmananRansomware / Endpoint Security The threat actor known as Storm-0249 is likely shifting from its role as...

Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China

AndyC 5 December 2025

The threat actor known as Silver Fox has been spotted orchestrating a false flag operation to mimic a Russian threat...

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

AndyC 2 December 2025

A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3...

Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets

AndyC 1 December 2025

Dec 01, 2025Ravie LakshmananMalware / Threat Intelligence The threat actor known as Tomiris has been attributed to attacks targeting foreign...

Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan

AndyC 28 November 2025

Nov 27, 2025Ravie LakshmananMalware / Social Engineering The threat actor known as Bloody Wolf has been attributed to a cyber...

ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens

AndyC 26 November 2025

Nov 25, 2025Ravie LakshmananMalware / Vulnerability The threat actor known as ToddyCat has been observed adopting new methods to obtain...

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

AndyC 22 November 2025

A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent...

Wind farm worker sentenced after turning turbines into a secret crypto mine

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

AndyC 21 November 2025

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks Pierluigi Paganini November 20, 2025 Iran-linked actors mapped...

EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates

AndyC 20 November 2025

Nov 19, 2025Ravie LakshmananCyber Espionage / MalwareThe threat actor known as PlushDaemon has been observed using a previously undocumented Go-based...

Hacking

Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages

AndyC 19 November 2025

Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a cloaking...

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

AndyC 18 November 2025

The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver...

actor

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets

ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates

Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET Threat Report H2 2025

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Donate Bitcoin to this address

Donate Ethereum to this address

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

How should Your Business Deal with Email Impersonation Attacks in 2025?

Best Vulnerability Scanning Tool for 2026- Top 10 List

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed