APT Archives • Page 6 of 7 • Daily CyberSecurity

XDSpy Resurfaces: Stealthy Cyber-Espionage Campaign Targets Governments with Obscure Windows LNK Flaw XDSPY

XDSpy Resurfaces: Stealthy Cyber-Espionage Campaign Targets Governments with Obscure Windows LNK Flaw

Do Son June 19, 2025

After years of operating in near-total obscurity, the cyber-espionage group XDSpy has resurfaced in a sophisticated campaign...

Kimsuky APT Group Abuses HWP and AnyDesk for Covert Remote Surveillance

Do Son June 18, 2025

The North Korean threat actor Kimsuky has been spotted deploying yet another advanced phishing campaign—this time leveraging...

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign Team46 APT, Google Chrome Zero-Day

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign

Do Son June 17, 2025

In a major revelation, the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC)...

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign Stealth Falcon CVE-2025-33053

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

Do Son June 10, 2025

A new cyberespionage campaign attributed to the notorious APT group Stealth Falcon has been uncovered by Check...

Librarian Ghouls APT: The Threat Actor Turning Legitimate Tools into a Cybercrime Toolkit

Do Son June 10, 2025

A stealthy Advanced Persistent Threat (APT) group tracked as Librarian Ghouls—also known by aliases Rare Werewolf and...

Kimsuky’s AppleSeed Returns: North Korea-Linked APT Targets Korean Users via Social Media

Do Son June 10, 2025

In its latest Advanced Persistent Threat (APT) campaign, Kimsuky, a North Korea-linked group, has returned with an...

Operation DRAGONCLONE: China Mobile Tietong Hit by Advanced APT Attack

Do Son June 10, 2025

Seqrite Labs APT-Team has uncovered a targeted campaign against China Mobile Tietong Co., Ltd., a prominent subsidiary...

BladedFeline: Iran-Aligned APT Group Expands Arsenal With Whisper and PrimeCache BladedFeline, Cyberespionage

BladedFeline: Iran-Aligned APT Group Expands Arsenal With Whisper and PrimeCache

Do Son June 10, 2025

In a detailed expose released by ESET, researchers unveiled a sophisticated and persistent cyberespionage campaign by an...

UNC1151 Exploits Roundcube Flaw in Spear Phishing Attack Roundcube SVG XSS, HTML Style Sanitizer Roundcube Phishing Roundcube webmail vulnerability

Roundcube SVG XSS, HTML Style Sanitizer Roundcube Phishing Roundcube webmail vulnerability

UNC1151 Exploits Roundcube Flaw in Spear Phishing Attack

Do Son June 9, 2025

CERT Polska has sounded the alarm after uncovering a spear phishing campaign that targeted Polish organizations using...

TA397’s Global Targeting Tactics Reveal Indian State-Backed Cyber Operations TA397, India Cyber Espionage

TA397’s Global Targeting Tactics Reveal Indian State-Backed Cyber Operations

Do Son June 7, 2025

A new report from Proofpoint Threat Research, in collaboration with Threatray, reveals mounting evidence that TA397 (also...

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025 Cybersecurity, Vulnerabilities

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025

Do Son June 3, 2025

Kaspersky’s latest “Exploits and vulnerabilities in Q1 2025” shows that attackers are doubling down on aging exploits,...

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files CoreAudio Vulnerability, Apple Zero-Day

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files

Do Son June 2, 2025

Apple has patched a high-severity zero-day vulnerability in CoreAudio, the framework responsible for audio playback and processing...

New Cyber Threat: UTG-Q-015 Exploits 0-Days for Espionage in Asia UTG-Q-015 Cyber-espionage campaign

New Cyber Threat: UTG-Q-015 Exploits 0-Days for Espionage in Asia

Do Son May 29, 2025

In a threat intelligence report, the Qi’anxin Threat Intelligence Center has exposed a series of highly targeted...

Earth Lamia: China-Linked APT Targets Global Industries with Custom Backdoors

Do Son May 28, 2025

Trend Micro’s latest threat intelligence report uncovers Earth Lamia — a stealthy and evolving China-nexus advanced persistent...

Decade of Stealth: China-Linked TA-ShadowCricket Targets Asia-Pacific TA-ShadowCricket, Shadow Force malware

Decade of Stealth: China-Linked TA-ShadowCricket Targets Asia-Pacific

Do Son May 26, 2025

AhnLab and South Korea’s National Cyber Security Center (NCSC) have released a detailed joint report on a...

Earth Ammit Strikes Drone Supply Chains: VENOM and TIDRONE Campaigns Expose East Asia’s Critical Infrastructure Earth Ammit, Supply Chain Attack

Earth Ammit Strikes Drone Supply Chains: VENOM and TIDRONE Campaigns Expose East Asia’s Critical Infrastructure

Do Son May 14, 2025

rend Micro researchers have uncovered the full extent of an elaborate, multi-phase cyber-espionage operation attributed to Earth...

Swan Vector Espionage Targets Japan & Taiwan with Advanced Malware

Do Son May 14, 2025

The Seqrite Labs APT-Team has uncovered a complex cyber-espionage operation dubbed Swan Vector, targeting educational institutions and...

Nebulous Mantis Cyber Espionage Group: RomCom RAT and Hybrid Tactics

Do Son May 3, 2025

A new threat intelligence report by PRODAFT details Nebulous Mantis, a Russian-speaking cyber espionage group operating under...

Earth Kurma APT Targets Southeast Asia with Stealthy Cyberespionage Earth Kurma, Southeast Asia APT

Earth Kurma APT Targets Southeast Asia with Stealthy Cyberespionage

Do Son April 29, 2025

In a newly released report, Trend Research has unveiled the operations of an advanced persistent threat (APT)...

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio

Do Son April 28, 2025

Threat analysts at Silent Push have uncovered a new campaign orchestrated by the North Korean state-sponsored APT...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

APT

XDSpy Resurfaces: Stealthy Cyber-Espionage Campaign Targets Governments with Obscure Windows LNK Flaw

Kimsuky APT Group Abuses HWP and AnyDesk for Covert Remote Surveillance

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

Librarian Ghouls APT: The Threat Actor Turning Legitimate Tools into a Cybercrime Toolkit

Operation DRAGONCLONE: China Mobile Tietong Hit by Advanced APT Attack

BladedFeline: Iran-Aligned APT Group Expands Arsenal With Whisper and PrimeCache

UNC1151 Exploits Roundcube Flaw in Spear Phishing Attack

TA397’s Global Targeting Tactics Reveal Indian State-Backed Cyber Operations

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files

New Cyber Threat: UTG-Q-015 Exploits 0-Days for Espionage in Asia

Earth Lamia: China-Linked APT Targets Global Industries with Custom Backdoors

Decade of Stealth: China-Linked TA-ShadowCricket Targets Asia-Pacific

Earth Ammit Strikes Drone Supply Chains: VENOM and TIDRONE Campaigns Expose East Asia’s Critical Infrastructure

Swan Vector Espionage Targets Japan & Taiwan with Advanced Malware

Nebulous Mantis Cyber Espionage Group: RomCom RAT and Hybrid Tactics

Earth Kurma APT Targets Southeast Asia with Stealthy Cyberespionage