CL-STA-1087 targets military capabilities since 2020
CL-STA-1087 targets military capabilities since 2020 Pierluigi Paganini March 17, 2026 China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries...
APT
Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets
Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets Pierluigi Paganini March 16, 2026 Russia-linked threat actors target Ukrainian...
APT28 conducts long-term espionage on Ukrainian forces using custom malware
APT28 conducts long-term espionage on Ukrainian forces using custom malware Pierluigi Paganini March 10, 2026 APT28 used BEARDSHELL and COVENANT...
Russia-linked hackers target Signal, WhatsApp of officials globally
Russia-linked hackers target Signal, WhatsApp of officials globally Pierluigi Paganini March 09, 2026 Russia-linked hackers are targeting Signal and WhatsApp...
Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations
Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations Pierluigi Paganini March 06, 2026 Iran-linked APT MuddyWater targeted U.S. organizations, deploying...
Iran-nexus APT Dust Specter targets Iraq officials with new malware
Iran-nexus APT Dust Specter targets Iraq officials with new malware Pierluigi Paganini March 06, 2026 A campaign by Iran-linked group...
Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow
Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow Pierluigi Paganini March 06, 2026 Google’s GTIG reports...
Russian APT targets Ukraine with BadPaw and MeowMeow malware
Russian APT targets Ukraine with BadPaw and MeowMeow malware Pierluigi Paganini March 05, 2026 Researchers uncovered a Russian campaign targeting...
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook Pierluigi Paganini March 04, 2026 APT group Silver Dragon,...
Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity
Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity Pierluigi Paganini March 02, 2026 UK’s NCSC warns...
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch Pierluigi Paganini March 02, 2026 Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513...
APT37 combines cloud storage and USB implants to infiltrate air-gapped systems
APT37 combines cloud storage and USB implants to infiltrate air-gapped systems Pierluigi Paganini March 02, 2026 North Korea-linked APT 37...
UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor
UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor Pierluigi Paganini February 26, 2026 UAT-10027 campaign is targeting...
How to understand and avoid Advanced Persistent Threats
By definition, an advanced persistent threat (APT) is a prolonged, targeted attack on a specific victim with the intention to compromise...
Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries
Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries Pierluigi Paganini February 26, 2026 Google...
