China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware
A China-linked advanced persistent threat (APT) group has been attributed to a highly-targeted cyber espionage campaign in which the adversary...
threat
Quantum-resistant key management for AI model deployments.
The Looming Quantum Threat to AI Model Confidentiality Okay, so, quantum computers? Not exactly here yet, but they're close...
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed...
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly...
State-linked and criminal hackers use device code phishing against M365 users
Multiple threat groups have been ramping up attacks using a technique called device code phishing to trick users into granting...
Three ways teams can tackle Iran’s tangled web of state-sponsored espionage
COMMENTARY: While often overshadowed by Russian and Chinese threats, the cyber threat from Iran has become a formidable challenge for...
I am not a robot: ClickFix used to deploy StealC and Qilin
ClickFix is an increasingly common tactic used by threat actors to install malicious software on victims’ devices. It has gone...
I am not a robot: ClickFix used to deploy StealC and Qilin
ClickFix is an increasingly common tactic used by threat actors to install malicious software on victims’ devices. It has gone...
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware
Dec 18, 2025Ravie LakshmananMalware / Cloud Security A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a...
North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft
Threat actors with ties to the Democratic People's Republic of Korea (DPRK or North Korea) have been instrumental in driving...
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
Dec 18, 2025Ravie LakshmananMalware / Mobile Security The North Korean threat actor known as Kimsuky has been linked to a...
Chinese Hackers Breach Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to...
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign
Dec 17, 2025Ravie LakshmananEmail Security / Threat Intelligence The Russian state-sponsored threat actor known as APT28 has been attributed to...
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
Dec 17, 2025Ravie LakshmananVulnerability / Malware The threat actor linked to Operation ForumTroll has been attributed to a fresh set...
China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware
The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as...
