Cyber Security Archives • Page 7 of 85 • Daily CyberSecurity

Global Spies Use ZipperDown and Android Zero-Days for 1-Click Email Client RCE and Account Takeover Android Zero-Day Espionage, ZipperDown Exploitation

Android Zero-Day Espionage, ZipperDown Exploitation

Global Spies Use ZipperDown and Android Zero-Days for 1-Click Email Client RCE and Account Takeover

Do Son November 5, 2025

The RedDrip team at QiAnXin Threat Intelligence Center has released a new report detailing a multi-year series...

Operation Peek-A-Baku: Silent Lynx APT Exploits LNK Flaws to Deploy Reverse Shells via GitHub Against Central Asian Diplomacy CVE-2024-36072 Water Gamayun, MSC EvilTwin

CVE-2024-36072 Water Gamayun, MSC EvilTwin

Operation Peek-A-Baku: Silent Lynx APT Exploits LNK Flaws to Deploy Reverse Shells via GitHub Against Central Asian Diplomacy

Do Son November 4, 2025

Seqrite Labs’ APT Team has released a detailed report exposing the latest espionage operations conducted by the...

Operation SkyCloak Targets Russian/Belarusian Military With LNK Exploit and OpenSSH Over Tor Backdoor SkyCloak Tor Espionage, OpenSSH Over Tor

SkyCloak Tor Espionage, OpenSSH Over Tor

Operation SkyCloak Targets Russian/Belarusian Military With LNK Exploit and OpenSSH Over Tor Backdoor

Do Son November 3, 2025

Researchers at SEQRITE Labs have uncovered a stealthy cyber espionage campaign dubbed “Operation SkyCloak”, which has been...

Chinese APT UNC6384 Pivots to Europe, Exploits Windows LNK Flaw to Deploy PlugX via Canon DLL Sideloading UNC6384 PlugX, LNK Exploit

Chinese APT UNC6384 Pivots to Europe, Exploits Windows LNK Flaw to Deploy PlugX via Canon DLL Sideloading

Do Son November 3, 2025

Researchers at Arctic Wolf Labs have uncovered an extensive cyber espionage campaign by UNC6384, a Chinese-affiliated threat...

North Korean APTs Upgrade Arsenal: Kimsuky Uses Stealthy HttpTroy, Lazarus Deploys New BLINDINGCAN RAT Kimsuky HttpTroy, Lazarus BLINDINGCAN RAT

Kimsuky HttpTroy, Lazarus BLINDINGCAN RAT

North Korean APTs Upgrade Arsenal: Kimsuky Uses Stealthy HttpTroy, Lazarus Deploys New BLINDINGCAN RAT

Do Son November 3, 2025

Researchers at Gen Threat Labs have identified two new toolsets in active use by North Korean state-sponsored...

Sandworm APT Attacks Belarus Military With LNK Exploit and OpenSSH Over Tor obfs4 Backdoor ThinkPHP Vulnerabilities

Sandworm APT Attacks Belarus Military With LNK Exploit and OpenSSH Over Tor obfs4 Backdoor

Do Son November 1, 2025

Researchers at Cyble Research and Intelligence Labs (CRIL) have identified a sophisticated malware campaign that leverages weaponized...

Chinese APT BRONZE BUTLER Exploits LANSCOPE Zero-Day for SYSTEM Control BRONZE BUTLER, Zero-Day

Chinese APT BRONZE BUTLER Exploits LANSCOPE Zero-Day for SYSTEM Control

Do Son October 31, 2025

A sophisticated campaign executed by the Chinese state-sponsored threat group BRONZE BUTLER (also known as Tick) has...

Russian APTs Exploit LotL Techniques in Ukraine Cyber Attacks, Deploying Sandworm-Linked Webshell and Credential Dumping Sandworm LotL, Ukraine Espionage

Russian APTs Exploit LotL Techniques in Ukraine Cyber Attacks, Deploying Sandworm-Linked Webshell and Credential Dumping

Do Son October 31, 2025

The Symantec Threat Hunter Team has uncovered two major cyber intrusions in Ukraine attributed to Russian-aligned threat...

BlueNoroff APT Launches AI-Enhanced Espionage on macOS, Using GPT-4o Images in Fake GhostCall Meetings NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

BlueNoroff APT Launches AI-Enhanced Espionage on macOS, Using GPT-4o Images in Fake GhostCall Meetings

Do Son October 29, 2025

The North Korean APT group BlueNoroff — also known as Sapphire Sleet, APT38, Alluring Pisces, Stardust Chollima,...

Kaspersky Exposes Chrome Zero-Day RCE (CVE-2025-2783) Delivering Memento Labs Spyware in ForumTroll Campaign

Do Son October 28, 2025

Researchers at Kaspersky uncovered a sophisticated espionage campaign exploiting a zero-day vulnerability in Google Chrome and delivering...

SideWinder APT Shifts to PDF/ClickOnce Chain to Target South Asian Diplomacy with StealerBot Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

SideWinder APT Shifts to PDF/ClickOnce Chain to Target South Asian Diplomacy with StealerBot

Do Son October 28, 2025

Trellix Advanced Research Center (ARC) has exposed a sophisticated espionage campaign conducted by the SideWinder APT group,...

China-Aligned APTs Launch “Premier Pass-as-a-Service,” Sharing Access in Coordinated Global Espionage Premier Pass-as-a-Service, Earth Estries & Naga

Premier Pass-as-a-Service, Earth Estries & Naga

China-Aligned APTs Launch “Premier Pass-as-a-Service,” Sharing Access in Coordinated Global Espionage

Do Son October 27, 2025

A new Trend Research report has revealed an alarming shift in cyberespionage tactics among China-aligned APT groups,...

PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT

Do Son October 24, 2025

Researchers from SentinelLABS, in collaboration with the Digital Security Lab of Ukraine, have exposed a coordinated spearphishing...

Pakistan-Linked TransparentTribe APT Deploys AI-Assisted DeskRAT Malware Against India’s BOSS Linux Systems

Do Son October 24, 2025

The Sekoia Threat Detection & Research (TDR) Team has identified a new wave of cyber espionage activity...

Symantec Exposes Chinese APT Overlap: Zingdoor, ShadowPad, and KrustyLoader Used in Global Espionage Chinese APT Overlap, Zingdoor ShadowPad

Symantec Exposes Chinese APT Overlap: Zingdoor, ShadowPad, and KrustyLoader Used in Global Espionage

Do Son October 23, 2025

Symantec’s investigation uncovered a complex web of interconnected Chinese espionage operations, with infrastructure and tooling overlapping multiple...

Iran-Linked MuddyWater Deploys Phoenix v4 Backdoor via Compromised Emails and NordVPN Exit Node

Do Son October 23, 2025

Researchers at Group-IB Threat Intelligence have uncovered a new global phishing and espionage campaign conducted by the...

Google Exposes Russian Disinformation Blitz Over Poland Airspace Incursion Using Portal Kombat Network Russia Drone Disinformation, Portal Kombat

Russia Drone Disinformation, Portal Kombat

Google Exposes Russian Disinformation Blitz Over Poland Airspace Incursion Using Portal Kombat Network

Do Son October 22, 2025

Google’s Threat Intelligence Group (GTIG) has uncovered multiple coordinated pro-Russia information operations (IO) exploiting the September 9–10,...

PassiveNeuron Cyberespionage Resurfaces: APT Abuses MS SQL Servers to Deploy Stealthy Neursite Backdoor

Do Son October 22, 2025

Kaspersky researchers have uncovered new details about PassiveNeuron, a long-running cyberespionage campaign targeting government, financial, and industrial...

Bitter APT Attacks China/Pakistan with WinRAR Zero-Day and New C# Backdoor via Office Macro Bitter APT C# Backdoor, WinRAR Path Traversal