APT Archives • Page 5 of 7 • Daily CyberSecurity

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers Exchange Backdoor, GhostContainer

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers

Do Son July 18, 2025

In a recent incident response operation, Kaspersky Labs uncovered a highly sophisticated backdoor named GhostContainer, designed to...

SonicWall SMA Devices Under Attack: UNC6148 Deploys OVERSTEP Rootkit for Persistent Access SonicWall Hack, Rootkit

SonicWall SMA Devices Under Attack: UNC6148 Deploys OVERSTEP Rootkit for Persistent Access

Do Son July 17, 2025

Google’s Threat Intelligence Group (GTIG) uncovers a stealthy, sophisticated campaign led by a financially motivated actor tracked...

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again NPM Supply Chain, North Korea Malware

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

Do Son July 15, 2025

A new chapter in the ongoing Contagious Interview campaign has emerged, as the Socket Threat Research Team...

Chinese State-Sponsored Hacker Xu Zewei Arrested in Italy for COVID-19 Research & Exchange Server Hacks China Cyberespionage, HAFNIUM Arrest

Chinese State-Sponsored Hacker Xu Zewei Arrested in Italy for COVID-19 Research & Exchange Server Hacks

Do Son July 9, 2025

The U.S. Department of Justice (DOJ) has unsealed a nine-count indictment against Xu Zewei (徐泽伟), 33, a...

State Secrets for Sale: China’s “Hack-for-Hire” Ecosystem Exposed in Massive VenusTech & Salt Typhoon Leaks

Do Son July 7, 2025

In a revelation from SpyCloud Labs, two confidential Chinese datasets—known as the VenusTech Data Leak and the...

“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage NightEagle APT, Exchange Zero-Day

“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage

Do Son July 7, 2025

QiAnXin’s RedDrip team has exposed the full-scale cyber operations of a shadowy state-aligned APT group dubbed NightEagle...

NimDoor: North Korean APT Uses Nim-Based Malware for Stealthy Web3 & Crypto Attacks on macOS! NimDoor, macOS Malware

NimDoor: North Korean APT Uses Nim-Based Malware for Stealthy Web3 & Crypto Attacks on macOS!

Do Son July 3, 2025

A new wave of North Korean cyberattacks is exploiting macOS systems in Web3 and cryptocurrency startups using...

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits Houken, Ivanti CSA Zero-Day

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits

Do Son July 2, 2025

The French cybersecurity agency ANSSI has exposed a sophisticated threat actor dubbed Houken. First observed exploiting zero-day...

ClickFix Unmasked: How North Korea’s Kimsuky Group Turned PowerShell into a Weapon of Psychological Deception

Do Son July 1, 2025

In its latest threat intelligence report, the Genians Security Center (GSC) has uncovered a new evolution in...

Blind Eagle (APT-C-36): Financially Motivated Cybercrime Meets Open-Access Infrastructure in LATAM

Do Son June 30, 2025

Trustwave SpiderLabs has uncovered new insights into the operations of Blind Eagle (APT-C-36), a Latin America-focused threat...

China-Aligned Hive0154 APT Strikes Tibetan Community: Pubload Backdoor Delivered via Phishing Lures Artivion cybersecurity - Zero-Day Attacks

Artivion cybersecurity - Zero-Day Attacks

China-Aligned Hive0154 APT Strikes Tibetan Community: Pubload Backdoor Delivered via Phishing Lures

Do Son June 27, 2025

In a politically charged cyber-espionage campaign, IBM X-Force has identified the resurgence of the China-aligned threat group...

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs npm Supply Chain Attack, North Korean APT

npm Supply Chain Attack, North Korean APT

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs

Do Son June 26, 2025

In a detailed expose, the Socket Threat Research Team has uncovered an ongoing and highly targeted supply...

OneClik” APT Unmasked: China-Linked Campaign Abuses Microsoft ClickOnce & AWS Cloud to Target Energy Sector CloudComputating - QSC framework

OneClik” APT Unmasked: China-Linked Campaign Abuses Microsoft ClickOnce & AWS Cloud to Target Energy Sector

Do Son June 26, 2025

The Trellix Advanced Research Center has unveiled a covert and highly sophisticated APT malware campaign dubbed OneClik,...

DRAT V2 Emerges: New Delphi-Compiled RAT Targets Indian Government with Expanded Post-Exploitation

Do Son June 25, 2025

A new variant of the DRAT remote access trojan has emerged, signaling a continued evolution in TAG-140’s...

BitoPro Crypto Heist: North Korea’s Lazarus Group Steals $11.5M via Phished Employee BitoPro Hack, Lazarus Group

BitoPro Crypto Heist: North Korea’s Lazarus Group Steals $11.5M via Phished Employee

Do Son June 24, 2025

In May 2025, the Taiwanese cryptocurrency exchange BitoPro fell victim to a cyberattack, resulting in the loss...

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks CVE-2024-3393 - Zservers sanctions

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks

Do Son June 24, 2025

A new report from EnkiWhiteHat has unveiled a sophisticated cyber espionage operation that leverages GitHub private repositories,...

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign Confucius APT, Anondoor Backdoor

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign

Do Son June 23, 2025

The Confucius APT group—long associated with cyber-espionage operations targeting government and military organizations in South and East...

North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft Visualization of attack chain

North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft

Do Son June 23, 2025

Huntress exposes a sophisticated intrusion by North Korean threat actor TA444, using a fake Zoom extension, AppleScript...

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals North Korean APT, PylangGhost

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals

Do Son June 20, 2025

Recently, Cisco Talos unveiled a new Python-based remote access trojan (RAT) dubbed PylangGhost, used exclusively by a...

Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign Silver Fox APT, Cyber Espionage

Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign

Do Son June 20, 2025

A newly surfaced report from Picus has shed light on Silver Fox (a.k.a. Void Arachne or The...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

APT

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers

SonicWall SMA Devices Under Attack: UNC6148 Deploys OVERSTEP Rootkit for Persistent Access

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

Chinese State-Sponsored Hacker Xu Zewei Arrested in Italy for COVID-19 Research & Exchange Server Hacks

State Secrets for Sale: China’s “Hack-for-Hire” Ecosystem Exposed in Massive VenusTech & Salt Typhoon Leaks

“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits

Blind Eagle (APT-C-36): Financially Motivated Cybercrime Meets Open-Access Infrastructure in LATAM

China-Aligned Hive0154 APT Strikes Tibetan Community: Pubload Backdoor Delivered via Phishing Lures

DRAT V2 Emerges: New Delphi-Compiled RAT Targets Indian Government with Expanded Post-Exploitation

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals

Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign