APT

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations

2025-08-28 at 15:29, by Zeljka Zorz. Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operation […]

Pakistani Hackers Back at Targeting Indian Government Entities

2025-08-25 at 16:38, by Ionut Arghire. Pakistani state-sponsored hacking group APT36 is targeting Linux systems in a fresh campaign aimed at Indian government entities. The post appeared first on SecurityWeek.

China-linked Murky Panda targets and moves laterally through cloud services

2025-08-22 at 17:33, by Zeljka Zorz. In its recently released 2025 Threat Hunting Report, CrowdStrike pointed out an interesting trend: a 136% surge in cloud intrusions. A good chunk of this surge is due to “China-nexus adversaries”, Murky Panda (aka Silk Typhoon) among them. Murky

Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI

2025-08-21 at 14:16, by Ionut Arghire. Russian state-sponsored hackers tracked as Static Tundra continue to target Cisco devices affected by CVE-2018-0171. The post appeared first on SecurityWeek.

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)

2025-08-12 at 16:11, by Zeljka Zorz. The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations.

APT groups are getting personal, and CISOs should be concerned

2025-08-12 at 14:42, by Mirko Zorz. Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets. This approach works because executives often work remotely, store

Russian Cyberspies Target Foreign Embassies in Moscow via AitM Attacks: Microsoft

2025-08-01 at 15:31, by Ionut Arghire. Russian state-sponsored APT Secret Blizzard has used ISP-level AitM attacks to infect diplomatic devices with malware. The post appeared first on SecurityWeek.

UK Sanctions Russian Hackers Tied to Assassination Attempts

2025-07-22 at 13:34, by Ionut Arghire. The UK government has sanctioned three Russian APTs and 18 individuals for their involvement in cyber operations against Ukraine, NATO allies, and the EU. The post appeared first on SecurityWeek.

Chinese Hackers Target Chinese Users With RAT, Rootkit

2025-06-27 at 13:02, by Ionut Arghire. China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit. The post appeared first on SecurityWeek.

Chinese APT Hacking Routers to Build Espionage Infrastructure

2025-06-24 at 13:15, by Ionut Arghire. A Chinese APT has been infecting SOHO routers with the ShortLeash backdoor to build stealthy espionage infrastructure. The post appeared first on SecurityWeek.

Fog Ransomware Attack Employs Unusual Tools

2025-06-13 at 13:20, by Ionut Arghire. Multiple legitimate, unusual tools were used in a Fog ransomware attack, including one employed by Chinese hacking group APT41. The post appeared first on SecurityWeek.

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names

2025-06-03 at 11:33, by Eduard Kovacs. Microsoft and CrowdStrike are running a project that aims to align threat actor names, and Google and Palo Alto Networks will also contribute. The post appeared first on SecurityWeek.

Russia-linked hackers target webmail servers in Ukraine-related espionage operation

2025-05-15 at 12:01, by Help Net Security. ESET researchers have uncovered RoundPress, a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities. Behind it is most likely the Russia-aligned Sednit (also known as Fancy Bear or APT28) cyberespionage group, holding the ultimate goal of stealing confidential

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

2025-04-17 at 16:52, by Zeljka Zorz. CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed

Chinese APT Mustang Panda Updates, Expands Arsenal

2025-04-17 at 14:05, by Ionut Arghire. The Chinese state-sponsored group Mustang Panda has used new and updated malicious tools in a recent attack. The post appeared first on SecurityWeek.

Apple plugs zero-days holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201)

2025-04-17 at 12:02, by Zeljka Zorz. Apple has released emergency security updates for iOS/iPadOS, macOS, tvOS and visionOS that fix two zero-day vulnerabilities (CVE-2025-31200, CVE-2025-31201) that have been exploited “in an extremely sophisticated attack against specific targeted individuals on iOS.” CVE-2025-31200 and CVE-2025-31201 CVE-2025-31200

China-linked FamousSparrow APT group resurfaces with enhanced capabilities

2025-03-26 at 17:02, by Help Net Security. ESET investigated suspicious activity on the network of a trade group in the United States that operates in the financial sector. While helping the affected entity remediate the compromise, they made an unexpected discovery in the victim’s system: malicious tools

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)

2025-03-26 at 13:08, by Zeljka Zorz. Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who discovered it being exploited by

Chinese APT Weaver Ant Targeting Telecom Providers in Asia

2025-03-25 at 13:54, by Ionut Arghire. Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access. The post appeared first on SecurityWeek.
