Skip to main content
← All Articles

Tag

#APT

40 articles

Advertisement

Mustang Panda Exploits Zoho WorkDrive for C2 in Indian Govt Attacks
CRITICAL
Threat Intel

Mustang Panda Exploits Zoho WorkDrive for C2 in Indian Govt Attacks

Mustang Panda, a China-aligned APT, targets Indian government and hydropower entities, leveraging Zoho WorkDrive as a C2 channel and deploying new malware.

Runtime Rebel Intel
4 min read·Jun 29, 2026
TH
CRITICAL
Threat Intel

Turla's STOCKSTAY Backdoor: Analysis of Campaigns & WinRAR Exploit

Google Threat Intelligence details STOCKSTAY, Turla's .NET backdoor for espionage targeting Ukraine and Europe, leveraging RDP & CVE-2025-8088.

Runtime Rebel Intel
13 min read·Jun 26, 2026
North Korean APT Targets Developers via Malicious Tooling
CRITICAL
Threat Intel

North Korean APT Targets Developers via Malicious Tooling

North Korean threat cluster Contagious Interview exploits developer recruitment and code review phishing to deliver malware via tainted dev tools.

Runtime Rebel Intel
4 min read·Jun 16, 2026
TH
CRITICAL
Threat Intel

UNC6508: Chinese Cyberespionage Targets North American Research

Google's Threat Intelligence Group tracks UNC6508, a Chinese cyberespionage group targeting North American medical, military, and AI research sectors.

Runtime Rebel Intel
4 min read·Jun 15, 2026
TH
CRITICAL
Threat Intel

Chinese Hackers Hijack Auth Flow for Decade-Long Espionage

Chinese state-sponsored hackers maintained long-term access to an isolated network by hijacking the authentication flow, enabling a decade of espionage.

Runtime Rebel Intel
5 min read·Jun 13, 2026
TH
HIGH
Threat Intel

China's Strategic Threat: Analyzing the 2026 Tech Landscape

Analysis of China-linked cyber espionage trends and the strategic targeting of global technology sectors driven by the 15th Five-Year Plan.

Runtime Rebel Intel
3 min read·Jun 11, 2026
Chinese and North Korean APT Activity Surges Across APAC Markets
HIGH
Threat Intel

Chinese and North Korean APT Activity Surges Across APAC Markets

Chinese and North Korean threat groups are intensifying operations in Asia-Pacific, impacting regional economies and targeting financial institutions for profit.

Runtime Rebel Intel
3 min read·Jun 11, 2026
TH
CRITICAL
Threat Intel

Chinese APT UNC5221 Deploys New Malware for M365 Persistence

Chinese APT UNC5221 leverages new malware, Plenet and AgentPSD, alongside Brickstorm backdoor to maintain persistent access in compromised Microsoft 365 environments for

Runtime Rebel Intel
5 min read·Jun 5, 2026
TH
CRITICAL
Threat Intel

GreyVibe Threat Actor Leverages AI for Cyberattack Operations

Russia-linked GreyVibe threat actors are using AI tools like ChatGPT and Gemini to enhance cyberattacks, signaling a critical evolution in TTPs.

Runtime Rebel Intel
5 min read·May 28, 2026
Ghostwriter Targets Ukraine Government with Prometheus Phishing
CRITICAL
Threat Intel

Ghostwriter Targets Ukraine Government with Prometheus Phishing

Belarus-aligned Ghostwriter (UAC-0057) targets Ukrainian government entities with Prometheus-themed phishing emails to deploy sophisticated malware. Learn detection and

Runtime Rebel Intel
4 min read·May 22, 2026
TH
HIGH
Threat Intel

Turla Updates Kazuar Backdoor with Modular P2P Botnet Capabilities

Russian threat actor Turla (Secret Blizzard) has upgraded its Kazuar backdoor with peer-to-peer botnet functionality and modular architecture for stealth.

Runtime Rebel Intel
4 min read·May 16, 2026
Turla Updates Kazuar Backdoor into Modular P2P Botnet for Persistence
HIGH
Threat Intel

Turla Updates Kazuar Backdoor into Modular P2P Botnet for Persistence

Russian threat actor Turla has evolved the Kazuar backdoor into a peer-to-peer botnet, enhancing stealth and resilience against command-and-control takedowns.

Runtime Rebel Intel
4 min read·May 15, 2026