APT
-
Taiwan Web Infrastructure Targeted by UAT-7237, Cisco Talos Says
Cisco Talos links a China-aligned APT cluster, UAT-7237, to attacks on Taiwan’s web infrastructure, using customized open-source tooling and a SoundBill shellcode loader to deploy backdoors and credentials-stealing utilities. The operation, active since 2022 and considered a sub-group of UAT-5918, also employs VPN persistence and RDP access, with updates to embed Mimikatz and broader lateral…
-
Curly COMrades APT Targets Georgia and Moldova, Leveraging Ngen for Persistence, Bitdefender Warns
A new cyber espionage campaign attributed to the Curly COMrades threat actor targets Georgia and Moldova, leveraging a mix of legitimate tools and a bespoke backdoor to establish long-term access and exfiltrate credentials, according to Bitdefender.
-
New GhostContainer Malware Targets Microsoft Exchange Servers in Asia
Kaspersky’s SecureList reveals GhostContainer, a new malware targeting Microsoft Exchange servers in Asia, allowing attackers extensive control and potential data exfiltration.
-
New Espionage Group Exploits Microsoft Exchange Zero-Day Vulnerability to Target Chinese High-Tech Industries
A report reveals that the NightEagle Group, an advanced persistent threat, has exploited a zero-day vulnerability in Microsoft Exchange to extract intelligence from Chinese military and tech firms, raising concerns about cyber espionage and the implications for national security.
-
TAG-140 Group Targets Indian Government with New DRAT V2 Malware
The TAG-140 hacking group has been identified as a serious threat to Indian governmental organizations, employing a sophisticated new version of a remote access trojan called DRAT V2. This group has augmented its operations by spoofing official portals and evolving its malware capabilities, raising alarms about national security.
-
Iranian Hacking Group Targets Israeli Cybersecurity Experts in Spear-Phishing Campaign
Charming Kitten, a state-sponsored Iranian hacking group, has launched a spear-phishing campaign targeting cybersecurity experts in Israel, employing sophisticated tactics to establish credibility and facilitate information theft.
-
Rare Werewolf APT Targets Russian Entities with Sophisticated Cyber Attacks
Rare Werewolf, an advanced persistent threat (APT) group, is reported to have launched a series of cyber attacks targeting Russian and CIS entities, using legitimate software to enhance the stealth of their operations.
-
Critical SAP NetWeaver Vulnerability Targeted by Ransomware and APT Groups
Ransomware and Chinese APT groups are exploiting a critical vulnerability in SAP’s NetWeaver, identified as CVE-2025-31324, which has a CVSS score of 10, enabling attackers to execute remote code without authentication.
-
China-Aligned Threat Actor Exploits IPv6 to Hijack Software Updates
TheWizards, a China-aligned APT group, has been exploiting IPv6 protocol vulnerabilities to hijack software updates, deploying malicious tools that facilitate ongoing access to infected systems.
-
Google Patches Critical Zero-Day Flaw in Chrome Amid Ongoing Cyber Threats
Google has issued a security patch for Chrome to address a severe zero-day vulnerability exploited in phishing attacks, urging users to update their browser as cyber threats continue to evolve.
