APT

SIEM Detection is Failing. Here’s What Stronger Teams Do Instead.

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

AndyC 8 April 2026

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs Pierluigi Paganini April 08, 2026 U.S. agencies warn Iran-linked threat actors...

NSFOCUS Monthly APT Insights – February 2026

AndyC 7 April 2026

Regional APT Threat Situation In February 2026, the global threat hunting system of FUYING Lab detected a total of...

North Korea–linked hackers drain 5M from Drift in sophisticated attack

North Korea–linked hackers drain $285M from Drift in sophisticated attack

AndyC 4 April 2026

North Korea–linked hackers drain $285M from Drift in sophisticated attack Pierluigi Paganini April 03, 2026 Drift lost $285M in a...

NSFOCUS Monthly APT Insights – January 2026

AndyC 2 April 2026

Regional APT Threat Situation In January 2026, the global threat hunting system of Fuying Lab detected a total of...

China-Linked groups target Southeast Asian government with advanced malware in 2025

AndyC 31 March 2026

China-Linked groups target Southeast Asian government with advanced malware in 2025 Pierluigi Paganini March 30, 2026 China-linked groups hit a...

Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave

AndyC 31 March 2026

Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave Pierluigi Paganini March 30, 2026 Russia-linked TA446...

China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks

AndyC 27 March 2026

China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks Pierluigi Paganini March 27, 2026 China-linked Red Menshen APT...

BPFdoor in Telecom Networks: The FCC Is Securing the Edge, but China’s Hackers Are Already Past It

AndyC 27 March 2026

Rapid7’s research reveals China-linked kernel implants deep inside telecom signaling infrastructure. Here’s what BPFdoor is, how it evolved, and...

North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware

AndyC 25 March 2026

North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware Pierluigi Paganini March 24, 2026 North Korea-linked threat...

CL-STA-1087 targets military capabilities since 2020

AndyC 18 March 2026

CL-STA-1087 targets military capabilities since 2020 Pierluigi Paganini March 17, 2026 China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries...

Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets

AndyC 17 March 2026

Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets Pierluigi Paganini March 16, 2026 Russia-linked threat actors target Ukrainian...

APT28 conducts long-term espionage on Ukrainian forces using custom malware

AndyC 11 March 2026

APT28 conducts long-term espionage on Ukrainian forces using custom malware Pierluigi Paganini March 10, 2026 APT28 used BEARDSHELL and COVENANT...

Meta’s AI Safety Chief Couldn’t Stop Her Own Agent. What Makes You Think You Can Stop Yours?

Russia-linked hackers target Signal, WhatsApp of officials globally

AndyC 10 March 2026

Russia-linked hackers target Signal, WhatsApp of officials globally Pierluigi Paganini March 09, 2026 Russia-linked hackers are targeting Signal and WhatsApp...

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

AndyC 7 March 2026

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations Pierluigi Paganini March 06, 2026 Iran-linked APT MuddyWater targeted U.S. organizations, deploying...

Iran-nexus APT Dust Specter targets Iraq officials with new malware

AndyC 7 March 2026

Iran-nexus APT Dust Specter targets Iraq officials with new malware Pierluigi Paganini March 06, 2026 A campaign by Iran-linked group...

APT

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

NSFOCUS Monthly APT Insights – February 2026

North Korea–linked hackers drain $285M from Drift in sophisticated attack

NSFOCUS Monthly APT Insights – January 2026

China-Linked groups target Southeast Asian government with advanced malware in 2025

Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave

China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks

BPFdoor in Telecom Networks: The FCC Is Securing the Edge, but China’s Hackers Are Already Past It

North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware

CL-STA-1087 targets military capabilities since 2020

Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets

APT28 conducts long-term espionage on Ukrainian forces using custom malware

Russia-linked hackers target Signal, WhatsApp of officials globally

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

Iran-nexus APT Dust Specter targets Iraq officials with new malware

The calm before the ransom: What you see is not all there is

The calm before the ransom: What you see is not all there is

GopherWhisper: A burrow full of malware

GopherWhisper: A burrow full of malware

New NGate variant hides in a trojanized NFC payment app

New NGate variant hides in a trojanized NFC payment app

Donate Bitcoin to this address

Donate Ethereum to this address

Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not

Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not

Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not

Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not

Introducing Wallarm Middle East Cloud: Built for Data Residency Compliance

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed