APT37 is using Facebook and Telegram to lure defense sector targets into downloading trojanized software, enabling covert data theft via cloud services. Their evolving tactics blend social engineering with technical stealth, making detection harder than ever.
APT31, a Chinese state-sponsored hacker group, infiltrated Russian IT supply chains for years, stealing sensitive data and exposing the fragile trust at the heart of the Sino-Russian alliance.
Mercenary hackers have unleashed ProSpy spyware across the Middle East, using fake secure messaging apps to infiltrate the devices of journalists and activists. This investigation unpacks the methods and implications of the hack-for-hire campaign.
DragonBreath’s RoningLoader campaign is redefining stealth attacks by abusing legitimate Windows tools. Learn how DLL side-loading, code injection, and ‘living off the land’ tactics evade detection—and how new simulation platforms help defenders keep up.
Russian hacking group APT28 has launched a sophisticated PRISMEX malware campaign against Ukraine and NATO, exploiting zero-days and advanced stealth tactics to compromise vital sectors and threaten both espionage and sabotage.
A sweeping North Korean cyber campaign has planted over 1,700 malicious packages across npm, PyPI, Go, Rust, and PHP, targeting developers with stealthy malware. The Contagious Interview operation marks a new escalation in supply chain threats, blending technical cunning with social engineering to compromise software at its source.
#North Korean hackers | #open-source attack | #cyber-espionage
The FBI has dismantled a Russian intelligence operation that secretly hijacked home and office routers to spy on high-value targets. Learn how the attack worked and how to protect your devices.
In a bold move, hacktivist group Handala has published the private chats of Israeli security analyst Raz Zimmt, marking a new chapter in politically motivated cyber-espionage. Here’s what happened—and what it means for digital security.
TA416, a China-linked threat group, is back with advanced PlugX malware and OAuth-based phishing, targeting European and Middle Eastern governments in a new wave of cyber-espionage.
Kimsuky’s new attack chain breaks malware delivery into modular stages, abusing Windows shortcuts, cloud storage, and Python to slip past security. Learn how the North Korean threat group’s evolving tactics challenge defenders.