Nimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers
Nimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers Pierluigi Paganini May 26, 2026 Nimbus Manticore accelerated cyberattacks...
APT
Lazarus APT unveils fileless remote access Trojan designed to evade detection
Lazarus APT unveils fileless remote access Trojan designed to evade detection Pierluigi Paganini May 26, 2026 North Korea-linked Lazarus APT...
U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs
U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs Pierluigi Paganini April 08, 2026 U.S. agencies warn Iran-linked threat actors...
NSFOCUS Monthly APT Insights – February 2026
Regional APT Threat Situation In February 2026, the global threat hunting system of FUYING Lab detected a total of...
North Korea–linked hackers drain $285M from Drift in sophisticated attack
North Korea–linked hackers drain $285M from Drift in sophisticated attack Pierluigi Paganini April 03, 2026 Drift lost $285M in a...
NSFOCUS Monthly APT Insights – January 2026
Regional APT Threat Situation In January 2026, the global threat hunting system of Fuying Lab detected a total of...
China-Linked groups target Southeast Asian government with advanced malware in 2025
China-Linked groups target Southeast Asian government with advanced malware in 2025 Pierluigi Paganini March 30, 2026 China-linked groups hit a...
Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave
Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave Pierluigi Paganini March 30, 2026 Russia-linked TA446...
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks Pierluigi Paganini March 27, 2026 China-linked Red Menshen APT...
BPFdoor in Telecom Networks: The FCC Is Securing the Edge, but China’s Hackers Are Already Past It
Rapid7’s research reveals China-linked kernel implants deep inside telecom signaling infrastructure. Here’s what BPFdoor is, how it evolved, and...
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware Pierluigi Paganini March 24, 2026 North Korea-linked threat...
CL-STA-1087 targets military capabilities since 2020
CL-STA-1087 targets military capabilities since 2020 Pierluigi Paganini March 17, 2026 China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries...
Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets
Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets Pierluigi Paganini March 16, 2026 Russia-linked threat actors target Ukrainian...
APT28 conducts long-term espionage on Ukrainian forces using custom malware
APT28 conducts long-term espionage on Ukrainian forces using custom malware Pierluigi Paganini March 10, 2026 APT28 used BEARDSHELL and COVENANT...
Russia-linked hackers target Signal, WhatsApp of officials globally
Russia-linked hackers target Signal, WhatsApp of officials globally Pierluigi Paganini March 09, 2026 Russia-linked hackers are targeting Signal and WhatsApp...
