More results...
The threat actor group known as Earth Ammit, believed to be associated with Chinese-speaking APTs, has emerged as a significant concern for military and industrial sectors in Eastern Asia. This group orchestrated two distinct campaigns-VENOM and TIDRON…
A newly identified advanced persistent threat (APT) campaign, dubbed “Swan Vector” by Seqrite Labs, has been targeting educational institutions and mechanical engineering industries in East Asian nations, particularly Taiwan and Japan. Disc…
A Türkiye-linked group used an Output Messenger zero-day to spy on Kurdish military targets in Iraq, collecting user data since April 2024. Since April 2024, the threat actor Marbled Dust (aka Sea Turtle, Teal Kurma, Marbled Dust, SILICON and Cosmic Wolf) has exploited a zero-day flaw (CVE-2025-27920) in Output Messenger to target Kurdish military-linked users […]
Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and organizations. Google’s Threat Intelligence Group discovered LOSTKEYS, a new malware used by Russia-linked APT COLDRIVER, in recent attacks to steal files and gather system info. The ColdRiver APT (aka “Seaborgium“, “Callisto”, “Star Blizzard”, “TA446”) is a Russian cyberespionage group […]
Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged as a prime target for cyber threat actors, with 406 publicly disclosed victims falling prey to ransomware attacks alone. This figure accounts for rou…
Supply chain attack via 21 backdoored Magento extensions hit 500–1,000 e-stores, including a $40B multinational. Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack, the experts discovered that a backdoor was hidden in 21 applications. Curiously, the malicious code was injected 6 years ago, but the supply chain attack was […]
PRODAFT researchers warn of Russia-linked APT group Nebulous Mantis targeting NATO-related defense organizations Nebulous Mantis, a Russian-speaking cyber espionage group (aka Cuba, STORM-0978, Tropical Scorpius, UNC2596), used RomCom RAT and Hancitor since 2019 to target critical infrastructure, governments, and NATO-linked entities. Since mid-2022, they’ve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. […]
France blames Russia-linked APT28 for cyberattacks targeting or compromising a dozen French government bodies and other entities. The Russia-linked APT28 group has targeted or compromised a dozen government organizations and other French entities, the French Government states. In 2024, it was observed attacking OT organizations and linked to cyberattacks on 60 entities in Asia and […]
Seqrite Labs APT team has discovered “Pahalgam Terror Attack” themed documents being used by the Pakistan-linked APT group Transparent Tribe (APT36) to target Indian Government and Defense personnel. The campaign involves both credential phishing and deployment of malicious payloads, with fake domains impersonating Jammu & Kashmir Police and Indian Air Force (IAF) created shortly after […]
The post Advisory: Pahalgam Attack themed decoys used by APT36 to target the Indian Government appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.
A leading U.S.-based cybersecurity firm, sophisticated cyber-espionage campaigns attributed to Chinese state-sponsored actors have come to light. Tracked as the PurpleHaze activity cluster, these adversaries have targeted SentinelOne’s infrastructure a…