SideWinder APT Expands Southeast Asia Espionage Campaign
SideWinder APT targets government and telecom sectors in Southeast Asia using spear-phishing and rotating infrastructure for persistent espionage operations.

Poland’s Nuclear Center Targeted in Suspected Iranian Cyberattack
Polish officials investigate a cyberattack at the NCBJ nuclear center. Initial evidence points to Iran, but investigators warn of potential false flag tactics.

Iranian MOIS Collusion with Cybercriminals: Evolving Hybrid Threat
Iranian state-sponsored APTs, linked to MOIS, are now directly collaborating with cybercriminal organizations, escalating hybrid cyber operations. Defenders must adapt.

Coruna Exploit Kit: iOS 13-17.2.1 Targeted by Multiple APTs
Google Threat Intelligence Group details Coruna, a powerful iOS exploit kit targeting versions 13.0 to 17.2.1, used by commercial vendors and nation-state actors for

Google Disrupts UNC2814 GRIDTIDE Infrastructure After 53 Breaches
Google disrupts infrastructure of China-nexus threat actor UNC2814 (GRIDTIDE) after 53 breaches across 42 countries targeting government and telecom sectors.

UNC6201 Exploits Dell RecoverPoint Zero-Day CVE-2026-22769
Mandiant and GTIG detail UNC6201's exploitation of CVE-2026-22769 in Dell RecoverPoint for VMs, deploying GRIMBOLT backdoor and novel VMware TTPs.

Lazarus Group Shifts to Medusa Ransomware & Multi-Tool Attacks
North Korea's Lazarus Group now employs Medusa ransomware, Comebacker backdoor, Blindingcan RAT, and Infohook info stealer in recent attacks, signaling an evolving

Iranian APT MuddyWater Orchestrates Operation Olalampo Targeting MENA Infrastructure
Analysis of a new Iranian cyber-espionage campaign utilizing GhostFetch, CHAR, and HTTP_VIP malware families against organizations in the Middle East and North Africa.