UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
Ravie LakshmananMar 11, 2026DevSecOps / AI Security A threat actor known as UNC6426 leveraged keys stolen following the supply chain...
actor
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
Ravie LakshmananMar 10, 2026Cloud Security / API Security Salesforce has warned of an increase in threat actor activity that's aimed...
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
Ravie LakshmananMar 09, 2026DevOps / Threat Intelligence The North Korean threat actor known as UNC4899 is suspected to be behind...
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
Ravie LakshmananMar 06, 2026Threat Intelligence / Cyber Espionage The Pakistan-aligned threat actor known as Transparent Tribe has become the latest...
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
Ravie LakshmananMar 05, 2026Malware / Threat Intelligence A suspected Iran-nexus threat actor has been attributed to a campaign targeting government...
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
Ravie LakshmananMar 03, 2026Vulnerability / Artificial Intelligence The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet...
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
Ravie LakshmananFeb 27, 2026Malware / Surveillance The North Korean threat actor known as ScarCruft has been attributed to a fresh...
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
Ravie LakshmananFeb 24, 2026Cyber Espionage / Malware A Russia-aligned threat actor has been observed targeting a European financial institution as...
APT28 Targeted European Entities Using Webhook-Based Macro Malware
Ravie LakshmananFeb 23, 2026Malware / Threat Intelligence The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a...
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise...
New threat actor UAT-9921 deploys VoidLink against enterprise sectors
New threat actor UAT-9921 deploys VoidLink against enterprise sectors Pierluigi Paganini February 13, 2026 A new threat actor, UAT-9921, uses...
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs
Ravie LakshmananFeb 13, 2026Threat Intelligence / Malware A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations...
UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors
Ravie LakshmananFeb 13, 2026Cloud Security / Cyber Espionage A previously unknown threat actor tracked as UAT-9921 has been observed leveraging...
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from...
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
Ravie LakshmananFeb 09, 2026Threat Intelligence / Cyber Espionage The threat actor known as Bloody Wolf has been linked to a...
