Attack

SideWinder APT Uses ClickOnce Based Attack Chain to Target South Asian Diplomats

A new cyber espionage campaign has been uncovered, showing the continuous evolution of the SideWinder advanced persistent threat (APT) group. The operation, which took place in September 2025, targeted a European embassy in New Delhi and multiple organizations across Sri Lanka, Pakistan, and Bangladesh. Researchers from Trellix, Ernesto Fernández Provecho and Pham Duy Phuc, have […]

Researchers Reveal TA585’s MonsterV2 Malware Capabilities, Full Attack Chain

Cybersecurity researchers have exposed a previously undocumented threat actor, TA585, which delivers an off-the-shelf malware called MonsterV2 through targeted phishing campaigns. Proofpoint researchers describe TA585 as operating a self-owned, end-to-end attack chain, managing infrastructure, delivery, and payload installation without relying on third-party distribution services. Background and delivery methods TA585 has used multiple delivery techniques in

New “Cavalry Werewolf” Attack Targets Russian Agencies With FoalShell and StallionRAT

A threat actor, tracked by security researchers as Cavalry Werewolf, has been observed targeting Russian government organisations and critical industry networks, using malware families known as FoalShell and StallionRAT. Cybersecurity vendor BI.ZONE links this cluster to multiple other tracked groups, including SturgeonPhisher, Silent Lynx, Comrade Saiga, ShadowSilk, and Tomiris, which suggests overlapping toolsets and tactics.

North Korean Hackers Deploy AkdoorTea Backdoor to Target Global Crypto Developers

Cybersecurity researchers have uncovered a new backdoor called AkdoorTea, linked to North Korean threat actors involved in the Contagious Interview campaign. This operation, also known by names such as DEV#POPPER, Famous Chollima, Gwisin Gang, Tenacious Pungsan, UNC5342, and Void Dokkaebi, primarily targets developers working on cryptocurrency and Web3 projects across Windows, Linux, and macOS. According

CISA Warns Hackers Exploiting Ivanti EPMM Vulnerabilities to Deploy Malware

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a serious warning about ongoing malware campaigns targeting Ivanti Endpoint Manager Mobile (EPMM) platforms. Threat actors are actively exploiting two critical security flaws, CVE-2025-4427 and CVE-2025-4428, enabling complete system compromise and arbitrary code execution on affected servers. These attacks started shortly after Ivanti publicly disclosed the

Russian Hackers Gamaredon And Turla Join Forces To Deploy Kazuar Backdoor In Ukraine

Cybersecurity researchers have uncovered strong indications that two well-known Russian threat groups, Gamaredon and Turla, are actively working together to target Ukrainian systems. According to Slovak cybersecurity company ESET, the Gamaredon toolset (notably PteroGraphin and PteroOdd) was leveraged in February 2025 to run Turla’s Kazuar backdoor on a Ukrainian endpoint. This suggests that Turla is

ZipLine Campaign Targets Manufacturing Firms with In-Memory MixShell Malware

A newly uncovered phishing operation called the ZipLine campaign is actively targeting U.S. manufacturing companies. The attackers disguise themselves as business partners and exploit supply chain importance to deliver a fileless, memory-resident malware known as MixShell. Unconventional Phishing Tactics Unlike traditional phishing methods, ZipLine reverses the workflow. Instead of sending the first email, threat actors

Sni5Gect Attack Forces 5G Phones to Crash and Downgrade to 4G Without Rogue Base Station

A team of researchers has introduced a groundbreaking cyberattack technique capable of crashing 5G-enabled devices and downgrading their connectivity to 4G, all without the need for a rogue base station. What is Sni5Gect? The attack, developed by the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), makes use

Chinese MURKY PANDA Targets Government and Professional Services

A China-linked advanced threat actor, tracked as MURKY PANDA, has become a major concern in global cybersecurity. Since late 2024, the group has been actively targeting government agencies, legal firms, professional services, technology providers, and academic institutions across North America. Advanced Capabilities in Cyber Operations MURKY PANDA is recognized for its ability to exploit cloud

Chinese Hackers Murky, Genesis, Glacial Panda Intensify Cloud and Telecom Espionage

Cybersecurity researchers have raised alarms over increasing cyber-espionage activity linked to China-based threat groups. Among them, Murky Panda, Genesis Panda, and Glacial Panda have been spotlighted for aggressively targeting cloud infrastructures and telecommunications networks to harvest sensitive intelligence. Murky Panda Exploiting Cloud Relationships A recent CrowdStrike report highlights that Murky Panda, also known as Silk
