-
In a groundbreaking disclosure, CloudSEK’s TRIAD unit has unearthed internal operational materials that shed light on Charming Kitten (APT35), revealing an intricate espionage apparatus linked to Iran’s Islamic Revolutionary Guard Corps (IRGC). The lea…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cavalry Werewolf, a Russian-focused advanced persistent threat (APT) cluster, has intensified its offensive operations by experimenting with new malware variants and leveraging Telegram-based command-and-control (C2). Security teams must prioritize rea…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Patchwork, the advanced persistent threat (APT) actor also known as Dropping Elephant, Monsoon, and Hangover Group, has been observed deploying a new PowerShell-based loader that abuses Windows Scheduled Tasks to execute its final payload. Active since…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
China-linked advanced persistent threat (APT) group Phantom Taurus has intensified espionage operations against government and telecommunications targets across Africa, the Middle East, and Asia, deploying a newly discovered .NET malware suite called N…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Stormshield CTI researchers have identified two active phishing servers linked to APT35, revealing ongoing credential-stealing operations targeting government and military entities. In an active threat-hunting operation, Stormshield’s Cyber Threat Inte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Russia-linked threat actors continue targeting civil society with sophisticated social engineering campaigns and lightweight malware tools in September 2025. The campaign delivers two previously undocumented malware families: a downloader dubbed BAITSW…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Sekoia.io’s Threat Detection and Response (TDR) team has uncovered a sophisticated campaign by APT28 that weaponizes Signal Messenger to deploy two previously undocumented malware families—BeardShell and the Covenant framework. In early 2025, a trusted…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DarkSamural, a newly identified subspecies of the notorious OceanLotus APT, has launched a sophisticated campaign targeting high-value organizations in Pakistan. Leveraging malicious LNK files masquerading as PDF documents and sophisticated MSC contain…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The North Korean-aligned threat group APT37, also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has evolved its cyber warfare capabilities by deploying sophisticated Rust and Python-based malware in recent campaigns targeting Windows systems. Ac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The notorious Lazarus APT group, suspected of having Northeast Asian origins and internally tracked as APT-Q-1 by Qi’anxin, has evolved its attack methodologies by incorporating the sophisticated ClickFix social engineering technique into their c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
