APT

The Russia linked threat group APT28 has been observed deploying two malware implants, BEARDSHELL and COVENANT, in cyber espionage operations targeting Ukrainian military personnel. According to a new investigation by ESET, the malware tools have been actively used since April 2024 to maintain persistent access and conduct long term surveillance. APT28, also widely known by aliases such as Fancy Bear, Sednit, Pawn Storm, and TA422, […]

New research from Broadcom’s Symantec and Carbon Black Threat Hunter Team reveals that an Iranian state-sponsored hacking group has infiltrated multiple U.S. organizations, including banks, airports, a non-profit, and the Israeli division of a software company. The group, known as MuddyWater (also Seedworm), operates under the Iranian Ministry of Intelligence and Security (MOIS). Analysts believe

A cyber espionage campaign linked to China has been targeting telecommunications infrastructure across South America since 2024. The attackers are focusing on Windows servers, Linux systems, and network edge devices, deploying multiple sophisticated malware implants to maintain long term access. Security researchers from Cisco Talos are monitoring this activity under the name UAT-9244, a threat cluster

Cybersecurity researchers have disclosed a campaign attributed to a suspected Iran-linked threat actor targeting Iraqi government officials. The attackers impersonated Iraq’s Ministry of Foreign Affairs to deliver previously unknown malware families, including SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM. Observed by Zscaler ThreatLabz in January 2026, the campaign employs two distinct infection chains that ultimately deploy these malicious tools. A

Cybersecurity researchers have revealed a new Russian cyber campaign targeting Ukrainian organizations using two previously unknown malware families, BadPaw and MeowMeow. According to a report by ClearSky, the attack begins with a phishing email containing a link to a ZIP archive. Once extracted, an HTA file opens a decoy document in Ukrainian concerning border crossing appeals, designed to

Cybersecurity researchers have uncovered fresh details about an advanced persistent threat group known as Silver Dragon, which has been targeting government entities across Europe and Southeast Asia since at least mid 2024. According to a technical analysis published by Check Point, the group employs a mix of server exploitation and phishing attacks to gain initial access,

The cyber threat cluster identified as SloppyLemming has been linked to a new wave of targeted attacks against government institutions and critical infrastructure organizations in Pakistan and Bangladesh, according to fresh research from Arctic Wolf. The activity reportedly occurred between January 2025 and January 2026 and involved two separate malware delivery chains. These attack paths