Critical Infrastructure

Zero-Day Threat: UAT-8837 Targets North American Infrastructure Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Zero-Day Threat: UAT-8837 Targets North American Infrastructure

Do Son January 16, 2026

A sophisticated threat actor, tentatively linked to China, is aggressively targeting critical infrastructure in North America with...

China-Nexus Actor UAT-7290 Caught Targeting Telecoms in South Asia and Europe illegal streaming networks complex criminal enterprises UAT-7290 China-nexus Espionage Adversarial Misuse of Generative AI

illegal streaming networks complex criminal enterprises UAT-7290 China-nexus Espionage Adversarial Misuse of Generative AI

China-Nexus Actor UAT-7290 Caught Targeting Telecoms in South Asia and Europe

Do Son January 12, 2026

Cisco Talos has pulled the curtain back on UAT-7290, a threat actor operating out of the China-nexus...

Taiwan Faces 2.6 Million Cyberattacks Daily from China Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Taiwan Faces 2.6 Million Cyberattacks Daily from China

Do Son January 8, 2026

Recently, Taiwan’s National Security Bureau (NSB) has released a comprehensive report detailing a massive surge in state-sponsored...

Hackers Weaponize npm to Hunt Critical Infrastructure Sales Teams Supply Chain Phishing, npm Abuse

Supply Chain Phishing, npm Abuse

Hackers Weaponize npm to Hunt Critical Infrastructure Sales Teams

Do Son December 25, 2025

A new investigation by The Socket Threat Research Team has uncovered a sophisticated spear-phishing operation that has...

Sandworm’s Tactical Pivot: Russian GRU Abandons Zero-Days to Weaponize Misconfigured Edge Devices Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Sandworm’s Tactical Pivot: Russian GRU Abandons Zero-Days to Weaponize Misconfigured Edge Devices

Do Son December 17, 2025

A new report from Amazon Threat Intelligence reveals a disturbing evolution in Russian state-sponsored cyber operations. The...

SHADOW-VOID-042 Impersonates Trend Micro in Phishing Campaign to Breach Critical Infrastructure IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

SHADOW-VOID-042 Impersonates Trend Micro in Phishing Campaign to Breach Critical Infrastructure

Do Son December 15, 2025

A sophisticated threat group turned a cybersecurity giant’s reputation against itself, launching a targeted spear-phishing campaign that...

FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs Pro-Russia Hacktivist OT Attack, Unsecured VNC HMI

Pro-Russia Hacktivist OT Attack, Unsecured VNC HMI

FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs

Do Son December 11, 2025

A coalition of international cybersecurity agencies, led by the FBI, CISA, and the NSA, has issued a...

China APT UNC5174 Hijacks Discord API as Covert C2 Channel to Evade Detection and Conduct Espionage Discord C2, UNC5174 Espionage

Discord C2, UNC5174 Espionage

China APT UNC5174 Hijacks Discord API as Covert C2 Channel to Evade Detection and Conduct Espionage

Do Son December 6, 2025

A sophisticated cyber-espionage campaign linked to the Chinese state-sponsored threat group UNC5174 has been discovered utilizing the...

Salt Typhoon: China’s State-Sponsored Espionage Group Infiltrates Global Telecoms for Long-Term Cyber Warfare AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Salt Typhoon: China’s State-Sponsored Espionage Group Infiltrates Global Telecoms for Long-Term Cyber Warfare

Do Son September 27, 2025

A new report from DomainTools exposes the operations of Salt Typhoon, a Chinese state-sponsored cyber threat group...

Hacktivists Launch Coordinated Attacks on India’s Infrastructure hacktivist attacks

hacktivist attacks

Hacktivists Launch Coordinated Attacks on India’s Infrastructure

Do Son September 18, 2025

India’s digital infrastructure has become a high-value battleground for hacktivists. A new analysis from CYFIRMA highlights how...

Critical Vulnerabilities Discovered in Planet Technology Industrial Cellular Gateways CVE-2025-9971 CVE-2025-9972 PLANET Technology - CVE-2024-8456

CVE-2025-9971 CVE-2025-9972 PLANET Technology - CVE-2024-8456

Critical Vulnerabilities Discovered in Planet Technology Industrial Cellular Gateways

Do Son September 18, 2025

The Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) has issued a security advisory warning of...

CVE-2025-10127 (CVSS 9.8): Critical Daikin Flaw Could Give Hackers Full System Access

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-10127 (CVSS 9.8): Critical Daikin Flaw Could Give Hackers Full System Access

Do Son September 12, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory about a critical flaw in...

BlackNevas Ransomware: A Persistent Global Threat With Impossible-to-Decrypt Payloads INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

BlackNevas Ransomware: A Persistent Global Threat With Impossible-to-Decrypt Payloads

Do Son September 12, 2025

AhnLab researchers have published a technical analysis of BlackNevas, a ransomware group that has been steadily launching...

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible The created ransom note

The created ransom note

CyberVolk Ransomware’s Decryption Flaw Makes Data Recovery Impossible

Do Son September 11, 2025

AhnLab researchers have released an in-depth technical analysis of the CyberVolk ransomware, a strain that has been...

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe Interlock ransomware, double extortion

Interlock ransomware, double extortion

Interlock Ransomware Strikes: A New Strain Is Wrecking Havoc in North America and Europe

Do Son August 29, 2025

The AhnLab Security Emergency Response Center (ASEC) has published new research on the Interlock ransomware group, which...

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups Chinese APT, cyber espionage

Chinese APT, cyber espionage

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups

Do Son August 28, 2025

In a multinational alert, the U.S. National Security Agency (NSA), CISA, FBI, and partners from more than...

CVE-2025-7353 (CVSS 9.8): Rockwell Automation Issues Urgent Warning for ControlLogix Modules

Rockwell Automation Warning OT Security Rockwell SQLi, Industrial Safety DoS Verve Asset Manager API OT Privilege Escalation Rockwell NAT Router, Critical Auth Bypass Rockwell ICS Privilege Escalation, MSI Repair Attack CVE-2025-7353 Critical vulnerability, industrial control systems Rockwell vulnerability, ICS security Rockwell Arena, Memory Abuse Rockwell Automation, RCE Vulnerability CVE-2025-24479 and CVE-2025-24480 - CVE-2025-0477

CVE-2025-7353 (CVSS 9.8): Rockwell Automation Issues Urgent Warning for ControlLogix Modules

Do Son August 18, 2025

Rockwell Automation has issued a critical security advisory regarding a remote code execution (RCE) vulnerability affecting its...

Pakistan Under Cyberattack: Unmasking the Blue Locker Ransomware Campaign Blue Locker, Ransomware

Blue Locker, Ransomware

Pakistan Under Cyberattack: Unmasking the Blue Locker Ransomware Campaign

Do Son August 18, 2025

Pakistan has found itself in the crosshairs of a sophisticated ransomware campaign, as the country’s National Cyber...

CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover ARC Solo, CISA Alert

ARC Solo, CISA Alert

CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover

Do Son August 11, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning about a critical authentication...

CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover EG4 Electronics, CISA Alert

EG4 Electronics, CISA Alert

CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover

Do Son August 9, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a risk evaluation warning about multiple high-severity...