Threat Actors
-
Canada’s House of Commons Investigates Data Breach Tied to Reported Microsoft Vulnerability Exploitation
Canada’s House of Commons is investigating a data breach after a cyberattack reportedly exposed employee information. The Cyber Centre is assisting, and authorities caution that attribution remains complex. The incident comes as Canada and other nations grapple with recently disclosed Microsoft vulnerabilities, including CVE-2025-53770 (ToolShell) and CVE-2025-53786, which have seen active exploitation by various threat…
-
China-linked Cyber Espionage Group Targets Over 70 Organizations Across Various Sectors
A China-linked cyber espionage group has targeted over 70 organizations across various sectors, including a South Asian government and a European media organization, underlining the broad implications of recent cyber infiltration tactics.
-
OpenAI Bans Accounts Used by Cybercriminals for Malicious AI-Assisted Activities
OpenAI has banned a series of ChatGPT accounts linked to malicious activities by Russian and Chinese cybercriminals, revealing the extent to which threat actors are leveraging AI technology for malware development and social media automation.
-
Microsoft and CrowdStrike Collaborate to Standardize Cyber Threat Actor Taxonomies
Microsoft and CrowdStrike have announced a strategic collaboration to unify their cyber threat actor taxonomies, enhancing the ability of security professionals to analyze and respond to cyber threats by reducing confusion among different aliases used for hacking groups.
-
Cybersecurity Firm Reports on Exploitation of Serious CrushFTP Vulnerability
Huntress has detailed alarming activities following exploitation of the CrushFTP vulnerability, demonstrating ongoing risks to critical sectors like marketing and retail. CISA has added the flaw to its KEV catalog, prompting renewed urgency for organizations to secure their systems.
-
RansomHub Affiliates Exploit EDR Tools in Ransomware Attacks
ESET’s recent analysis highlights the alarming tactics employed by RansomHub affiliates, who utilize a custom tool to disable security measures in a coordinated effort with other ransomware groups.
