APT

APT – Advanced Persistent Threat groups

Russia-linked APT28 targets western logistics entities and technology firmsRussia-linked APT28 targets western logistics entities and technology firms

Russia-linked APT28 targets western logistics entities and technology firms

CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply…

3 days ago
China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacksChina-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks

China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks

China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia. ESET researchers revealed that a…

5 days ago
APT group exploited Output Messenger Zero-Day to target Kurdish military operating in IraqAPT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq

APT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq

A Türkiye-linked group used an Output Messenger zero-day to spy on Kurdish military targets in Iraq, collecting user data since…

2 weeks ago
Russia-linked ColdRiver used LostKeys malware in recent attacks<gwmw style="display:none;"></gwmw>Russia-linked ColdRiver used LostKeys malware in recent attacks<gwmw style="display:none;"></gwmw>

Russia-linked ColdRiver used LostKeys malware in recent attacks<gwmw style="display:none;"></gwmw>

Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and organizations.…

2 weeks ago
Sansec uncovered a supply chain attack via 21 backdoored Magento extensionsSansec uncovered a supply chain attack via 21 backdoored Magento extensions

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Supply chain attack via 21 backdoored Magento extensions hit 500–1,000 e-stores, including a $40B multinational. Sansec researchers reported that multiple…

3 weeks ago
Russia-linked group Nebulous Mantis targets NATO-related defense organizationsRussia-linked group Nebulous Mantis targets NATO-related defense organizations

Russia-linked group Nebulous Mantis targets NATO-related defense organizations

PRODAFT researchers warn of Russia-linked APT group Nebulous Mantis targeting NATO-related defense organizations Nebulous Mantis, a Russian-speaking cyber espionage group…

3 weeks ago
France links Russian APT28 to attacks on dozen French entitiesFrance links Russian APT28 to attacks on dozen French entities

France links Russian APT28 to attacks on dozen French entities

France blames Russia-linked APT28 for cyberattacks targeting or compromising a dozen French government bodies and other entities. The Russia-linked APT28…

4 weeks ago
SentinelOne warns of threat actors targeting its systems and high-value clientsSentinelOne warns of threat actors targeting its systems and high-value clients

SentinelOne warns of threat actors targeting its systems and high-value clients

SentinelOne warns China-linked APT group PurpleHaze attempted reconnaissance on its systems and high-value clients. Cybersecurity firm SentinelOne warns that a…

4 weeks ago
Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast AsiaEarth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Trend Research exposed the…

4 weeks ago
Operation SyncHole: Lazarus APT targets supply chains in South Korea<gwmw style="display:none;"></gwmw>Operation SyncHole: Lazarus APT targets supply chains in South Korea<gwmw style="display:none;"></gwmw>

Operation SyncHole: Lazarus APT targets supply chains in South Korea<gwmw style="display:none;"></gwmw>

The North Korea-linked Lazarus Group targeted at least six firms in South Korea in a cyber espionage campaign called Operation…

4 weeks ago