Cyber Espionage

UAT-10362 Launches Spear-Phishing Campaigns Targeting Taiwanese NGOs with LucidRook Malware

A newly identified cyber threat cluster, UAT-10362, has been linked to targeted spear-phishing attacks aimed at organizations in Taiwan, including non-governmental organizations (NGOs) and academic institutions. The campaign deploys a previously unknown malware framework called LucidRook. Security researchers from Cisco Talos revealed that the operation was first detected in October 2025 and demonstrates a high […]

APT28 Launches PRISMEX Malware Campaign Targeting Ukraine and NATO Allies with Zero-Day Exploits

A new cyber espionage operation linked to Russia’s state-backed group APT28, also known as Forest Blizzard and Pawn Storm, has been uncovered targeting Ukraine and its allied nations. The campaign delivers a newly identified malware framework called PRISMEX through highly targeted spear-phishing attacks. Security researchers from Trend Micro revealed that the campaign has been active since at least

North Korea-Linked Hackers Distribute Over 1,700 Malicious Packages Across npm, PyPI, Go, and Rust Ecosystems

A large-scale software supply chain attack linked to North Korean threat actors has been uncovered, involving the distribution of more than 1,700 malicious packages across multiple developer ecosystems, including npm, PyPI, Go, Rust, and Packagist. The campaign, tracked as Contagious Interview, demonstrates a coordinated effort to infiltrate developer environments by disguising malware as legitimate development tools.

Iran-Linked Hackers Target Internet-Exposed PLCs to Disrupt U.S. Critical Infrastructure

Cybersecurity authorities have issued warnings about a surge in attacks by Iran-linked threat actors targeting operational technology systems in the United States. These attacks are focused on internet-accessible industrial devices, particularly programmable logic controllers (PLCs), which are widely used in critical infrastructure environments. According to alerts from the Federal Bureau of Investigation (FBI), these intrusions have

Russian APT28 Exploits SOHO Routers in Global DNS Hijacking and Cyber Espionage Campaign

A sophisticated cyber espionage campaign linked to Russia’s notorious threat group APT28, also tracked as Forest Blizzard, has been uncovered targeting vulnerable home and small office routers worldwide. The operation focuses on manipulating DNS configurations to intercept sensitive data without user awareness. The campaign, named FrostArmada by Black Lotus Labs, has been active since at least May

Iran-Linked Password Spraying Campaign Targets Over 300 Israeli Microsoft 365 Organizations

A large-scale cyber operation believed to be connected to Iran has been identified targeting Microsoft 365 environments, primarily focusing on organizations in Israel and the United Arab Emirates. The campaign comes amid rising geopolitical tensions in the Middle East and highlights the increasing use of cloud-focused cyberattacks. According to findings released by Check Point Software Technologies,

Silver Fox Expands Asia-Focused Cyber Campaign Using AtlasCross RAT and Fake Domains

A sophisticated cybercrime group known as Silver Fox, also tracked as SwimSnake, Valley Thief, UTG-Q-1000, and Void Arachne, has escalated its operations in Asia using a previously undocumented remote access trojan (RAT) named AtlasCross RAT. The campaign specifically targets Chinese-speaking users by leveraging typosquatted domains impersonating trusted software brands.

Attack Vectors and Targeted Applications

The group is

Three China-Linked Threat Clusters Launch Coordinated Cyber Campaign Against Southeast Asian Government in 2025

A coordinated cyber espionage campaign involving three China-aligned threat clusters has targeted a Southeast Asian government organization throughout 2025, deploying sophisticated malware and backdoor tools.

Multiple Threat Clusters Identified

The activity has been traced to the following clusters: Palo Alto Networks Unit 42 researchers Palo Alto Networks Unit 42 noted, “The overlapping tactics, techniques, and procedures suggest

Iran-Linked Hackers Compromise FBI Director’s Personal Email, Launch Wiper Attack on Stryker

A cyber espionage campaign linked to Iran has compromised the personal email account of Kash Patel, while also targeting major U.S. healthcare firm Stryker in a destructive cyberattack.

FBI Director’s Personal Emails Leaked Online

The breach was claimed by the hacktivist group Handala Hack, which published a collection of emails, photos, and documents allegedly belonging to the FBI

China Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy Through Telecom Networks

A highly sophisticated cyber espionage campaign linked to a China-associated threat group has been uncovered, targeting telecommunications infrastructure to infiltrate sensitive government networks. The operation reflects a long-term strategy focused on stealth, persistence, and deep network access, raising serious concerns for global cybersecurity.

Silent Infiltration of Telecom Networks

The threat group known as Red Menshen,