APT Archives • Page 4 of 7 • Daily CyberSecurity

Kaspersky Report: Vulnerabilities Are Exploding, and Attackers Are Adapting

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Kaspersky Report: Vulnerabilities Are Exploding, and Attackers Are Adapting

Do Son August 29, 2025

Kaspersky Labs has published its Q2 2025 vulnerability analysis, revealing an alarming rise in both the number...

A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years Static Tundra CVE-2018-0171

A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years

Do Son August 21, 2025

Cisco Talos has released a new analysis exposing “Static Tundra,” a Russian state-sponsored threat actor that has...

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits Backdoor, PipeMagic CVE-2025-29824

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits

Do Son August 19, 2025

Kaspersky Labs has released a new report shedding light on the persistent threat posed by PipeMagic, a...

Inside UAT-7237, a Chinese APT Group Targeting Taiwan Chinese APT, cyberespionage

Inside UAT-7237, a Chinese APT Group Targeting Taiwan

Do Son August 18, 2025

Cisco Talos has published a detailed report exposing a newly designated threat group, UAT-7237, a Chinese-speaking advanced...

Kimsuky Hacked: Hackers Leak 8.9GB of Stolen Data and Tools from North Korean Group North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Kimsuky Hacked: Hackers Leak 8.9GB of Stolen Data and Tools from North Korean Group

Do Son August 14, 2025

Recently, the North Korean hacking group Kimsuky suffered a breach resulting in the leak of 8.9 GB...

Charon Ransomware Emerges: APT-Style Precision Meets Destructive Encryption Charon Ransomware, APT Tactics

Charon Ransomware Emerges: APT-Style Precision Meets Destructive Encryption

Do Son August 13, 2025

Trend Research has identified a new ransomware family named Charon, targeting the Middle East’s public sector and...

ScarCruft APT Deploys VCD Ransomware, Uses PubNub & New Malware in Espionage Campaign North Korea APT, PubNub Abuse

ScarCruft APT Deploys VCD Ransomware, Uses PubNub & New Malware in Espionage Campaign

Do Son August 11, 2025

S2W’s Threat Analysis and Intelligence Center (TALON) has uncovered a sophisticated malware campaign attributed to the North...

Mustang Panda Backdoor Exposed: New ToneShell Malware Masquerades as Chrome to Spy on Gov’t & Military Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mustang Panda Backdoor Exposed: New ToneShell Malware Masquerades as Chrome to Spy on Gov’t & Military

Do Son August 6, 2025

A new threat analysis by Kyaw Pyiyt Htet, a CREST-certified Threat Intelligence Analyst, has revealed the inner...

Kimsuky APT Escalates Cyberespionage with Stealthy LNK Files & Reflective Malware Payloads Kimsuky APT, Cyberespionage

Kimsuky APT Escalates Cyberespionage with Stealthy LNK Files & Reflective Malware Payloads

Do Son August 5, 2025

A new report from Aryaka Threat Research Labs has disclosured one of the most technically sophisticated and...

The Telecom Threat: Liminal Panda’s Covert Campaign Targets Southwest Asian Critical Infrastructure Telecom Cyberespionage, Liminal Panda

The Telecom Threat: Liminal Panda’s Covert Campaign Targets Southwest Asian Critical Infrastructure

Do Son August 4, 2025

In a revealing report by Palo Alto Networks’ Unit 42, a high-level cyberespionage campaign targeting critical telecommunications...

Storm-2603: Chinese APT Deploys Warlock & LockBit with AK47C2 Framework Antivirus Terminator supported arguments when run without parameters

Storm-2603: Chinese APT Deploys Warlock & LockBit with AK47C2 Framework

Do Son August 4, 2025

Check Point Research (CPR) has detailed a previously undocumented Chinese-affiliated threat actor—Storm-2603—linked to aggressive campaigns exploiting Microsoft...

Fire Ant: Stealthy Cyber-Espionage Campaign Targets VMware ESXi & vCenter, Evades Detection Cyber Espionage, VMware Infrastructure

Fire Ant: Stealthy Cyber-Espionage Campaign Targets VMware ESXi & vCenter, Evades Detection

Do Son July 28, 2025

A stealthy and highly sophisticated cyber-espionage campaign known as Fire Ant has been uncovered by Sygnia’s Incident...

Singapore’s Critical Infrastructure Under Attack by China-Linked UNC3886 APT Singapore Critical Infrastructure, UNC3886

Singapore’s Critical Infrastructure Under Attack by China-Linked UNC3886 APT

Do Son July 28, 2025

The OT Cybersecurity Information Sharing and Analysis Center (OT-ISAC) has released a threat alert detailing an ongoing...

Operation GhostChat & PhantomPrayers: China-Linked APTs Target Tibetan Community with Stealthy Spyware Cyber-espionage, Tibetan Community

Operation GhostChat & PhantomPrayers: China-Linked APTs Target Tibetan Community with Stealthy Spyware

Do Son July 25, 2025

In a coordinated investigation with TibCERT, Zscaler ThreatLabz has uncovered two state-sponsored cyber-espionage campaigns—Operation GhostChat and Operation...

Dropping Elephant Targets Türkiye’s Missile Industry with Stealthy Conference Lures & VLC DLL Sideloading Cyber-espionage, Dropping Elephant

Dropping Elephant Targets Türkiye’s Missile Industry with Stealthy Conference Lures & VLC DLL Sideloading

Do Son July 25, 2025

Arctic Wolf Labs has uncovered a new cyber-espionage campaign orchestrated by the threat actor Dropping Elephant, targeting...

Microsoft: China-Backed APTs Actively Exploiting SharePoint Flaws (CVE-2025-49704 & CVE-2025-49706) Fortinet patch bypass 2026, FortiGate SSO authentication exploit SharePoint Zero-Day, China APTs Exploited Vulnerabilities 2023

Fortinet patch bypass 2026, FortiGate SSO authentication exploit SharePoint Zero-Day, China APTs Exploited Vulnerabilities 2023

Microsoft: China-Backed APTs Actively Exploiting SharePoint Flaws (CVE-2025-49704 & CVE-2025-49706)

Do Son July 23, 2025

Last week, the Microsoft Security Response Center (MSRC) issued an urgent advisory regarding active exploitation of critical...

Before Vegas: The “Red Hackers” Who Forged China’s Cyber Empire AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

Before Vegas: The “Red Hackers” Who Forged China’s Cyber Empire

Do Son July 23, 2025

China’s state-backed cyber operations didn’t emerge overnight—they were forged over decades by a generation of hackers who...

DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures Android Spyware, MuddyWater APT

DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures

Do Son July 23, 2025

A newly evolved version of the Android surveillanceware family known as DCHSpy is making waves in the...

UNG0002: Stealthy South Asian APT Group Unleashes New Malware in Cyber Espionage Campaigns Across Asia Cyber Espionage, UNG0002

UNG0002: Stealthy South Asian APT Group Unleashes New Malware in Cyber Espionage Campaigns Across Asia

Do Son July 21, 2025

The Seqrite Labs APT-Team has uncovered the latest espionage operations of UNG0002 (Unknown Group 0002), a stealthy...

China-Aligned APTs Intensify Cyber Espionage on Taiwan’s Semiconductor Industry China Cyber-espionage, Taiwan Semiconductors

China-Aligned APTs Intensify Cyber Espionage on Taiwan’s Semiconductor Industry

Do Son July 21, 2025

A new report from Proofpoint Threat Research sheds light on a coordinated espionage campaign by multiple China-aligned...

Critical Alert 1 Active Exploit Detected Today