APT

Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Networks

Over recent years, Chinese state-backed Advanced Persistent Threat (APT) groups have actively targeted critical flaws in enterprise routers, enabling long-term access to global telecom and government networks. Groups known by names like Salt Typhoon and OPERATOR PANDA have systematically attacked provider edge (PE) and customer edge (CE) devices from top vendors, leveraging publicly disclosed Common […]

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Discovery of New Campaign: Cybersecurity experts have identified a fresh phishing operation conducted by the North Korean state-sponsored threat group ScarCruft (APT37). The attackers are using a well-known malware called RokRAT to infiltrate systems and steal sensitive information. Researchers at Seqrite Labs named this campaign Operation HanKook Phantom, noting that the attacks are aimed at

Sogou Zhuyin Update Server Hijacked in Taiwan Espionage Campaign

An abandoned update server once linked to the Sogou Zhuyin Input Method Editor (IME) has been hijacked by threat actors in a large-scale espionage campaign. The attackers exploited the server to distribute multiple malware families including C6DOOR and GTELAM, primarily targeting users across East Asia. According to Trend Micro researchers Nick Dai and Pierre Lee,

ShadowSilk Targets 35 Organizations in Central Asia and APAC via Telegram Bots

A newly identified hacking cluster known as ShadowSilk has been linked to a wave of cyber intrusions aimed at government agencies in Central Asia and the Asia-Pacific (APAC) region. Rising Campaigns and Overlaps with Other Groups: Group-IB reports that nearly 36 victims have been confirmed so far, with attackers primarily focused on stealing sensitive data.

China-Based Threat Group Mustang Panda Tactics and Techniques Exposed

China-based Advanced Persistent Threat (APT) group Mustang Panda has established itself as one of the most sophisticated cyber espionage actors active in the global threat landscape. Active since at least 2014, the group has consistently expanded its operations and capabilities, targeting organizations in both government and non-government sectors. Global Targeting and Spear-Phishing Operations: Mustang Panda

UNC6384 Chinese Hackers Use Valid Code Signing Certificates to Bypass Security

In early 2025, a covert cyber-espionage campaign targeted diplomats and government organizations across Southeast Asia and other regions. At the core of this operation is STATICPLUGIN, a downloader cleverly disguised as a legitimate Adobe plugin update. Malicious Redirect via Captive Portal: Victims experienced a captive portal hijack, redirecting browsers to malicious domains. The landing page,

Transparent Tribe Uses Malicious Desktop Shortcuts in Phishing Attacks on Indian Government

The advanced persistent threat (APT) group Transparent Tribe (APT36) has been observed targeting Indian government entities through a new campaign that leverages malicious desktop shortcut files on both Windows and BOSS Linux systems. According to CYFIRMA, attackers are relying on spear-phishing emails to gain initial access. In the case of Linux BOSS systems, malicious .desktop

Chinese MURKY PANDA Targets Government and Professional Services

A China-linked advanced threat actor, tracked as MURKY PANDA, has become a major concern in global cybersecurity. Since late 2024, the group has been actively targeting government agencies, legal firms, professional services, technology providers, and academic institutions across North America. Advanced Capabilities in Cyber Operations: MURKY PANDA is recognized for its ability to exploit cloud

Scaly Wolf Hackers Target Organizations to Steal Secrets

The cybersecurity world is once again witnessing the rise of advanced threat actors, with groups adopting increasingly complex attack chains to infiltrate corporate systems and extract confidential information. A new investigation by security experts has revealed an ongoing campaign conducted by the Scaly Wolf Advanced Persistent Threat (APT) group. This operation successfully compromised a Russian

APT36 Hackers Target Indian Government to Steal Login Credentials

A new phishing campaign linked to Pakistan-based APT36 has been identified as a significant threat to Indian government systems. First discovered in August 2025, this operation uses typo-squatted domains to mimic official Indian login portals. When users enter their email credentials, they are redirected to fake pages that closely resemble the National Informatics Centre’s Kavach authentication system.
