Advertisement

Mustang Panda Exploits Zoho WorkDrive for C2 in Indian Govt Attacks
Mustang Panda, a China-aligned APT, targets Indian government and hydropower entities, leveraging Zoho WorkDrive as a C2 channel and deploying new malware.
Turla's STOCKSTAY Backdoor: Analysis of Campaigns & WinRAR Exploit
Google Threat Intelligence details STOCKSTAY, Turla's .NET backdoor for espionage targeting Ukraine and Europe, leveraging RDP & CVE-2025-8088.

North Korean APT Targets Developers via Malicious Tooling
North Korean threat cluster Contagious Interview exploits developer recruitment and code review phishing to deliver malware via tainted dev tools.
UNC6508: Chinese Cyberespionage Targets North American Research
Google's Threat Intelligence Group tracks UNC6508, a Chinese cyberespionage group targeting North American medical, military, and AI research sectors.
Chinese Hackers Hijack Auth Flow for Decade-Long Espionage
Chinese state-sponsored hackers maintained long-term access to an isolated network by hijacking the authentication flow, enabling a decade of espionage.
China's Strategic Threat: Analyzing the 2026 Tech Landscape
Analysis of China-linked cyber espionage trends and the strategic targeting of global technology sectors driven by the 15th Five-Year Plan.

Chinese and North Korean APT Activity Surges Across APAC Markets
Chinese and North Korean threat groups are intensifying operations in Asia-Pacific, impacting regional economies and targeting financial institutions for profit.
Chinese APT UNC5221 Deploys New Malware for M365 Persistence
Chinese APT UNC5221 leverages new malware, Plenet and AgentPSD, alongside Brickstorm backdoor to maintain persistent access in compromised Microsoft 365 environments for
GreyVibe Threat Actor Leverages AI for Cyberattack Operations
Russia-linked GreyVibe threat actors are using AI tools like ChatGPT and Gemini to enhance cyberattacks, signaling a critical evolution in TTPs.

Ghostwriter Targets Ukraine Government with Prometheus Phishing
Belarus-aligned Ghostwriter (UAC-0057) targets Ukrainian government entities with Prometheus-themed phishing emails to deploy sophisticated malware. Learn detection and
Turla Updates Kazuar Backdoor with Modular P2P Botnet Capabilities
Russian threat actor Turla (Secret Blizzard) has upgraded its Kazuar backdoor with peer-to-peer botnet functionality and modular architecture for stealth.

Turla Updates Kazuar Backdoor into Modular P2P Botnet for Persistence
Russian threat actor Turla has evolved the Kazuar backdoor into a peer-to-peer botnet, enhancing stealth and resilience against command-and-control takedowns.