Iran's MuddyWater APT Unleashes 'Dindoor' Backdoor on US Critical Infrastructure and Software Firms
MuddyWater APT deploys new 'Dindoor' backdoor targeting US firms, banks, airports, and software companies with advanced cyber espionage tactics.
Unpacking the Proliferation: Possible U.S.-Developed Exploits in the First 'Mass' iOS Attack
Analysis of a sophisticated iOS exploit kit, its journey from a spyware vendor to global threat actors, and potential U.S. origins.
APT37's Evolving Threat: North Korean Hackers Master Air-Gapped Breaches with New Toolkit
North Korea's APT37 expands its sophisticated toolkit, enabling breaches of air-gapped networks, as revealed by Zscaler ThreatLabz.
Google's Decisive Strike: Unpacking the UNC2814 GRIDTIDE Campaign and Global Cyber Espionage Disruption
Google disrupted UNC2814 (GRIDTIDE), a China-nexus cyber espionage group, responsible for 53 breaches across 42 countries targeting governments and telcos.
Anthropic's Claude Under Siege: Investigating Allegations of Illicit Capability Exfiltration by State-Affiliated Actors
Anthropic accuses Chinese labs of illicitly taking Claude's AI capabilities, posing national security risks and enabling offensive cyber operations.
APT36 and SideCopy Unleash Cross-Platform RAT Campaigns Against Indian Entities
APT36 and SideCopy target Indian defense/government with Geta, Ares, DeskRATs for Windows/Linux data exfiltration.
APT28's Lightning Strike: Weaponizing Microsoft Office RTF Zero-Day in 72 Hours
APT28 rapidly weaponized a Microsoft Office RTF vulnerability in three days, launching sophisticated multistage attacks.
APT28 Unleashes "Operation Neusploit" with Microsoft Office Zero-Day Exploit (CVE-2026-21509)
APT28 weaponizes CVE-2026-21509 in Microsoft Office for espionage, targeting Ukraine, Slovakia, Romania in "Operation Neusploit."
RedKitten Unleashed: Iran-Linked Cyber Campaign Targets Human Rights Defenders Amidst Unrest
RedKitten, an Iran-linked cyber campaign, targets human rights NGOs and activists documenting abuses amidst 2025-2026 unrest, using sophisticated social engineering.
Labyrinth Chollima Evolves: Dissecting the Tripartite North Korean Threat
CrowdStrike assesses Labyrinth Chollima fractured into three North Korean APTs, specializing in finance, espionage, and disruption.
Rising Tide: Chinese APTs Unleash Advanced Malware on Asian Organizations
Chinese APTs deploy new, high-end cyber weapons against Asian organizations, escalating regional cyber threats and demanding robust defenses.
The Silent Spies: How Malicious Chrome Extensions Hijack Your ChatGPT Sessions
Researchers uncover 16 malicious Chrome extensions silently siphoning user data and hijacking active ChatGPT sessions.
PeckBirdy Takes Flight: Unpacking China's Cross-Platform JScript C2 Operations
China-backed 'PeckBirdy' group uses JScript C2 and new backdoors in cross-platform attacks targeting gambling sites and governments.
North Korean APTs Weaponize VS Code Projects: A New Frontier in Developer Targeting
North Korean hackers evolve the Contagious Interview campaign, using malicious VS Code projects to deliver backdoors, targeting developers.