Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to...
actor
Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days
Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days Pierluigi Paganini November 13, 2025 Amazon warns that...
Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon
The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed...
From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools
A China-linked threat actor has been attributed to a cyber attack targeting an U.S. non-profit organization with an aim to...
Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection
Nov 06, 2025Ravie LakshmananMalware / Network Security The threat actor known as Curly COMrades has been observed exploiting virtualization technologies...
New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
Nov 03, 2025Ravie LakshmananCybersecurity / Malware The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor...
Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack
Oct 31, 2025Ravie LakshmananMalware / Browser Security A suspected nation-state threat actor has been linked to the distribution of a...
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats
Oct 31, 2025Ravie LakshmananMalware / Threat Intelligence A China-affiliated threat actor known as UNC6384 has been linked to a fresh...
APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign
Oct 24, 2025Ravie LakshmananCyber Espionage / Malware A Pakistan-nexus threat actor has been observed targeting Indian government entities as part...
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware
The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of...
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
Oct 16, 2025Ravie LakshmananMalware / Blockchain A threat actor with ties to the Democratic People's Republic of Korea (aka North...
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the...
A sophisticated nation-state actor breached F5 systems, stealing BIG-IP source code and data on undisclosed flaw
A sophisticated nation-state actor breached F5 systems, stealing BIG-IP source code and data on undisclosed flaw Pierluigi Paganini October 15,...
Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months
A threat actor with ties to China has been attributed to a five-month-long intrusion targeting a Russian IT service provider,...
F5 network compromised
On October 15, 2025, F5 reported that a nation-state threat actor had gained long-term access to some F5 systems and...
