Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the...
actors
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Ravie LakshmananMar 27, 2026Ransomware / Malware Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for...
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware Pierluigi Paganini March 24, 2026 North Korea-linked threat...
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware...
Iran-linked actors use Telegram as C2 in malware attacks on dissidents
Iran-linked actors use Telegram as C2 in malware attacks on dissidents Pierluigi Paganini March 23, 2026 Iran-linked actors use Telegram...
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
Ravie LakshmananMar 23, 2026Vulnerability / Endpoint Security Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest...
Russia-linked actors target WhatsApp and Signal in phishing campaign
Russia-linked actors target WhatsApp and Signal in phishing campaign Pierluigi Paganini March 22, 2026 Russia-linked actors target WhatsApp and Signal...
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
Ravie LakshmananMar 21, 2026Cyber Espionage / Threat Intelligence Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to...
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
Ravie LakshmananMar 21, 2026Malware / Threat Intelligence The threat actors behind the supply chain attack targeting the popular Trivy scanner...
EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure
EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure Pierluigi Paganini March 17, 2026 EU sanctions Chinese and...
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
Ravie LakshmananMar 17, 2026Threat Intelligence / Endpoint Security North Korean threat actors have been observed sending phishing to compromise targets...
Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack
Following initial access, the threat actors conducted extensive lateral movement using a combination of legitimate administration tools and credential abuse....
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according...
Initial access techniques used by Iran-based threat actors
Iranian‑linked threat groups often use a core set of initial access methods. The threat actors favor cost-effective, repeatable intrusion techniques...
Fake Claude Code Spreads Malware to Windows, macOS Users
Image: Rawpixel/Envato Threat actors are exploiting a common developer habit — copying installation commands directly from websites — to distribute...
