Intelligence Archives - Page 3 of 171

Pierluigi Paganini June 16, 2025

New Predator spyware infrastructure revealed activity in Mozambique for the first time

Insik Group analyzed the new Predator spyware infrastructure and discovered it’s still gaining users despite U.S. sanctions since July 2023. Despite earlier declines in activity due to U.S. sanctions and public exposure, Predator spyware has resurged. Insikt Group analyzed a renewed infrastructure linked to the commercial spyware company and identified a new customer in Mozambique, […]

Pierluigi Paganini June 12, 2025

Paragon Graphite Spyware used a zero-day exploit to hack at least two journalists’ iPhones

Security researchers at Citizen Lab revealed that Paragon’s Graphite spyware can hack fully updated iPhones via zero-click attacks. Citizen Lab has confirmed that Paragon’s Graphite spyware was used to hack fully updated iPhones, targeting at least two journalists in Europe. The group found forensic evidence showing the phones had communicated with the same spyware server. […]

Pierluigi Paganini June 10, 2025

China-linked threat actor targeted +70 orgs worldwide, SentinelOne warns

China-linked threat actor targeted over 70 global organizations, including governments and media, in cyber-espionage attacks from July 2024 to March 2025. In April 2025, cybersecurity firm SentinelOne warned that a China-linked threat actor, tracked as PurpleHaze, attempted to conduct reconnaissance on its infrastructure and high-value clients. The activity suggests targeted cyberespionage efforts aimed at gathering […]

Pierluigi Paganini June 09, 2025

DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

US seeks to seize $7.74M in crypto linked to North Korean fake IT worker schemes, per a new DOJ forfeiture complaint. The DOJ filed a civil forfeiture complaint for $7.74M in crypto tied to North Korean fake IT worker schemes linked to the indictment of North Korean Foreign Trade Bank (FTB) representative Sim Hyon Sop. […]

Pierluigi Paganini June 09, 2025

OpenAI bans ChatGPT accounts linked to Russian, Chinese cyber ops

OpenAI banned ChatGPT accounts tied to Russian and Chinese hackers using the tool for malware, social media abuse, and U.S. satellite tech research. OpenAI banned ChatGPT accounts that were used by Russian-speaking threat actors and two Chinese nation-state actors. The blocked accounts were used to assist malware development, social media automation, and research about U.S. […]

Pierluigi Paganini June 04, 2025

Ukraine’s military intelligence agency stole 4.4GB of highly classified internal data from Tupolev

Ukraine’s GUR hacked the Russian aerospace and defense company Tupolev, stealing 4.4GB of highly classified internal data. Ukraine’s military intelligence agency GUR (aka HUR) claims the hack of the Russian aerospace and defense company Tupolev. According to Kyiv Post, Ukraine’s Military Intelligence compromised the United Aircraft Company (UAC) Tupolev division, which is a key developer […]

Pierluigi Paganini May 30, 2025

Meta stopped covert operations from Iran, China, and Romania spreading propaganda

Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread propaganda on social media platforms. Meta announced the disruption of three influence operations from Iran, China, and Romania using fake accounts to spread propaganda and manipulate discourse on Facebook, Instagram, and more. The social media giant pointed out that it […]

Pierluigi Paganini May 29, 2025

China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware

Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a hacked site. Google warns that China-linked APT41 used TOUGHPROGRESS malware with Google Calendar as C2, targeting various government entities via a compromised website. ” In late October 2024, GTIG discovered an exploited government website hosting malware being used to target multiple […]

Pierluigi Paganini May 28, 2025

Czech Republic accuses China’s APT31 of a cyberattack on its Foreign Ministry

The Czech government condemned China after linking cyber espionage group APT31 to a cyberattack on its critical infrastructure. The Czech government strongly condemned China after the cyber espionage group APT31 was linked to a cyberattack targeting the nation’s critical infrastructure. The Czech government condemned China after APT31 hackers infiltrated a ministry’s unclassified system in 2022 […]

Pierluigi Paganini May 27, 2025

Russia-linked APT Laundry Bear linked to 2024 Dutch Police attack

A new Russia-linked APT group, tracked as Laundry Bear, has been linked to a Dutch police security breach in September 2024. Netherlands General Intelligence and Security Service (AIVD) and the Netherlands Defence Intelligence and Security Service (MIVD) have linked a previously undetected Russia-linked group, tracked Laundry Bear (aka Void Blizzard), to a 2024 police breach. […]

Intelligence

New Predator spyware infrastructure revealed activity in Mozambique for the first time

Paragon Graphite Spyware used a zero-day exploit to hack at least two journalists’ iPhones

China-linked threat actor targeted +70 orgs worldwide, SentinelOne warns

DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

OpenAI bans ChatGPT accounts linked to Russian, Chinese cyber ops

Ukraine’s military intelligence agency stole 4.4GB of highly classified internal data from Tupolev

Meta stopped covert operations from Iran, China, and Romania spreading propaganda

China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware

Czech Republic accuses China’s APT31 of a cyberattack on its Foreign Ministry

Russia-linked APT Laundry Bear linked to 2024 Dutch Police attack

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

Sophos fixed two critical Sophos Firewall vulnerabilities

French Authorities confirm XSS.is admin arrested in Ukraine

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Cisco confirms active exploitation of ISE and ISE-PIC flaws

QUICK LINKS

Intelligence

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!