China's Red Menshen APT Group Unleashes Upgraded BPFdoor: A Global Telecommunications Threat
Red Menshen APT's BPFdoor malware, upgraded for stealth, targets global telcos, bypassing traditional defenses.
Silver Fox's Evolving Threat Landscape: A Deep Dive into Dual Espionage Cyber Campaigns
Silver Fox group shifts from tax lures to WhatsApp stealers, blending espionage with phishing for dual-purpose data theft and intelligence gathering.
Unmasking the Dragon: Web Server Exploits & Mimikatz in Attacks on Asian Critical Infrastructure
Analysis of a Chinese APT campaign targeting Asian critical infrastructure using sophisticated web server exploits and Mimikatz for lateral movement.
Seedworm Unleashes New Backdoors: Iranian APT Targets US Critical Infrastructure Amid Geopolitical Tensions
Iranian APT Seedworm (MuddyWater) deploys new backdoors against US critical sectors, raising cyberwarfare concerns.
Iran's MuddyWater APT Unleashes 'Dindoor' Backdoor on US Critical Infrastructure and Software Firms
MuddyWater APT deploys new 'Dindoor' backdoor targeting US firms, banks, airports, and software companies with advanced cyber espionage tactics.
Unpacking the Proliferation: Possible U.S.-Developed Exploits in the First 'Mass' iOS Attack
Analysis of a sophisticated iOS exploit kit, its journey from a spyware vendor to global threat actors, and potential U.S. origins.
APT37's Evolving Threat: North Korean Hackers Master Air-Gapped Breaches with New Toolkit
North Korea's APT37 expands its sophisticated toolkit, enabling breaches of air-gapped networks, as revealed by Zscaler ThreatLabz.
Google's Decisive Strike: Unpacking the UNC2814 GRIDTIDE Campaign and Global Cyber Espionage Disruption
Google disrupted UNC2814 (GRIDTIDE), a China-nexus cyber espionage group, responsible for 53 breaches across 42 countries targeting governments and telcos.
Anthropic's Claude Under Siege: Investigating Allegations of Illicit Capability Exfiltration by State-Affiliated Actors
Anthropic accuses Chinese labs of illicitly taking Claude's AI capabilities, posing national security risks and enabling offensive cyber operations.
APT36 and SideCopy Unleash Cross-Platform RAT Campaigns Against Indian Entities
APT36 and SideCopy target Indian defense/government with Geta, Ares, DeskRATs for Windows/Linux data exfiltration.
APT28's Lightning Strike: Weaponizing Microsoft Office RTF Zero-Day in 72 Hours
APT28 rapidly weaponized a Microsoft Office RTF vulnerability in three days, launching sophisticated multistage attacks.
APT28 Unleashes "Operation Neusploit" with Microsoft Office Zero-Day Exploit (CVE-2026-21509)
APT28 weaponizes CVE-2026-21509 in Microsoft Office for espionage, targeting Ukraine, Slovakia, Romania in "Operation Neusploit."
RedKitten Unleashed: Iran-Linked Cyber Campaign Targets Human Rights Defenders Amidst Unrest
RedKitten, an Iran-linked cyber campaign, targets human rights NGOs and activists documenting abuses amidst 2025-2026 unrest, using sophisticated social engineering.
Labyrinth Chollima Evolves: Dissecting the Tripartite North Korean Threat
CrowdStrike assesses Labyrinth Chollima fractured into three North Korean APTs, specializing in finance, espionage, and disruption.
Rising Tide: Chinese APTs Unleash Advanced Malware on Asian Organizations
Chinese APTs deploy new, high-end cyber weapons against Asian organizations, escalating regional cyber threats and demanding robust defenses.
The Silent Spies: How Malicious Chrome Extensions Hijack Your ChatGPT Sessions
Researchers uncover 16 malicious Chrome extensions silently siphoning user data and hijacking active ChatGPT sessions.
PeckBirdy Takes Flight: Unpacking China's Cross-Platform JScript C2 Operations
China-backed 'PeckBirdy' group uses JScript C2 and new backdoors in cross-platform attacks targeting gambling sites and governments.
North Korean APTs Weaponize VS Code Projects: A New Frontier in Developer Targeting
North Korean hackers evolve the Contagious Interview campaign, using malicious VS Code projects to deliver backdoors, targeting developers.