Pierluigi Paganini
September 17, 2025
China-linked group APT41 impersonated a U.S. lawmaker in phishing attacks on government, think tanks, and academics tied to US-China trade and policy. Proofpoint observed China-linked cyber espionage group APT41 impersonating a U.S. lawmaker in a phishing campaign targeting government, think tanks, and academics tied to U.S.-China trade and policy. APT41, known also as Amoeba, BARIUM, […]
Pierluigi Paganini
September 12, 2025
Apple warned users of a spyware campaign; France’s cyber agency confirmed targeted iCloud-linked devices may be compromised. Apple warned customers last week about new spyware attacks, the French national Computer Emergency Response Team (CERT-FR) said. The agency confirmed at least four such alerts since early 2025. Apple sent spyware alerts on March 5, April 29, […]
Pierluigi Paganini
September 08, 2025
Venezuela’s President Maduro shows Huawei Mate X6 gift from China’s President Xi Jinping, hailing it as “unhackable” by U.S. spies. Last week, Venezuelan President Nicolás Maduro showcased a Huawei Mate X6 smartphone, reportedly gifted by China’s President Xi Jinping, claiming that US cyber spies cannot hack it. Venezuelan President Maduro said that his device is […]
Pierluigi Paganini
September 08, 2025
Czech cybersecurity agency NUKIB warns of Chinese cyber threats to critical infrastructure, citing the cyberespionage group APT31 and risky devices. The Czech Republic’s National Cyber and Information Security Agency (NUKIB) warns of growing risks from Chinese-linked technologies in critical sectors like energy, healthcare, transport, and government. The agency warns of risks from Chinese-made devices (phones, […]
Pierluigi Paganini
August 31, 2025
Amazon stopped a Russia-linked APT29 watering hole attack that hijacked Microsoft device code authentication via compromised sites. Amazon announced that it had disrupted an opportunistic watering hole campaign orchestrated by the Russia-linked cyber espionage group APT29 (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes). Amazon experts labeled the attacks as an opportunistic watering hole campaign using compromised […]
Pierluigi Paganini
August 29, 2025
WhatsApp warns users targeted by advanced spyware, sending threat notifications to affected individuals from the past 90 days. A new zero-click exploit used to hack WhatsApp users, reported Donncha Ă“ Cearbhaill, Head of Security Lab at @AmnestyTech. WhatsApp has just sent out a round of threat notifications to individuals they believe were targeted by an […]
Pierluigi Paganini
August 29, 2025
Dutch intelligence reports Chinese cyber spies (Salt Typhoon, RedMike) targeted the Netherlands, hitting critical infrastructure. The Dutch intelligence and security services MIVD and AIVD say Chinese cyber spies linked to Salt Typhoon (RedMike) targeted the Netherlands in a campaign hitting global critical infrastructure. In late 2024, a large-scale Chinese cyberespionage campaign targeting global telecoms was […]
Pierluigi Paganini
August 28, 2025
NSA and allies warn that Chinese APT actors, including Salt Typhoon, are targeting critical infrastructure worldwide. The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and allies warn Chinese APT actors, linked to Salt Typhoon, are targeting global telecom, government, transport, lodging, and military sectors. “The National Security Agency (NSA) and […]
Pierluigi Paganini
August 27, 2025
The China-linked APT group UNC6384 targeted diplomats by hijacking web traffic to redirect it to a website that delivered malware. China-linked cyberespionage group UNC6384 targeted diplomats by hijacking web traffic to redirect to a website used to deliver malware, Google’s Threat Intelligence Group (GTIG) warns. Cyberspies hijacked a network’s captive portal using an advanced adversary-in-the-middle […]
Pierluigi Paganini
August 25, 2025
APT36 uses Linux .desktop files in new attacks on Indian gov & defense, aiming for data theft and persistent espionage access. Transparent Tribe (aka APT36, Operation C-Major, and Mythic Leopard), a Pakistan-linked threat actor, is using Linux .desktop files to load malware in new attacks against government and defense entities in India. The APT group […]
