Cyberespionage Archives • Page 2 of 3 • Daily CyberSecurity

APT37 Escalates Cyber-Espionage on South Korea: New RoKRAT Backdoor Uses Stealthy LNK Files & Steganography APT37, RoKRAT Malware

APT37 Escalates Cyber-Espionage on South Korea: New RoKRAT Backdoor Uses Stealthy LNK Files & Steganography

Do Son August 4, 2025

The North Korea-linked threat actor APT37, known for its persistent cyberespionage campaigns in South Korea and beyond,...

The Telecom Threat: Liminal Panda’s Covert Campaign Targets Southwest Asian Critical Infrastructure Telecom Cyberespionage, Liminal Panda

The Telecom Threat: Liminal Panda’s Covert Campaign Targets Southwest Asian Critical Infrastructure

Do Son August 4, 2025

In a revealing report by Palo Alto Networks’ Unit 42, a high-level cyberespionage campaign targeting critical telecommunications...

Russian State Hackers Spy on Moscow Embassies via ISP-Level AiTM Attacks WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Russian State Hackers Spy on Moscow Embassies via ISP-Level AiTM Attacks

Do Son August 1, 2025

A covert cyberespionage operation by Russian state actor Secret Blizzard has been targeting foreign embassies in Moscow,...

Lazarus Group’s Covert Supply Chain Attack: North Korean APT Poisons Open Source to Steal Developer Secrets Lazarus Group, Software Supply Chain

Lazarus Group’s Covert Supply Chain Attack: North Korean APT Poisons Open Source to Steal Developer Secrets

Do Son July 31, 2025

In a recently expose, Sonatype reveals a covert cyberespionage campaign orchestrated by the North Korea-linked Lazarus Group,...

Kaspersky Uncovers Stealthy Cyberespionage: Russia & Asia Targeted by DLL Hijacking & Social Media C2 Cyberespionage, DLL Hijacking

Kaspersky Uncovers Stealthy Cyberespionage: Russia & Asia Targeted by DLL Hijacking & Social Media C2

Do Son July 31, 2025

Kaspersky Labs has revealed a highly obfuscated cyberespionage campaign targeting Russian IT companies and global businesses, employing...

Before Vegas: The “Red Hackers” Who Forged China’s Cyber Empire AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

Before Vegas: The “Red Hackers” Who Forged China’s Cyber Empire

Do Son July 23, 2025

China’s state-backed cyber operations didn’t emerge overnight—they were forged over decades by a generation of hackers who...

DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures Android Spyware, MuddyWater APT

DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures

Do Son July 23, 2025

A newly evolved version of the Android surveillanceware family known as DCHSpy is making waves in the...

APT41 Unleashes Full Arsenal in Rare African Cyberespionage Campaign Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

APT41 Unleashes Full Arsenal in Rare African Cyberespionage Campaign

Do Son July 22, 2025

In a newly published report, Kaspersky’s Managed Detection and Response (MDR) team has unveiled a high-level cyberespionage...

HazyBeacon: Novel Backdoor Uses AWS Lambda for Stealthy C2, Targets Govts

Do Son July 15, 2025

Researchers from Unit 42 at Palo Alto Networks have uncovered a novel backdoor—HazyBeacon—used by a threat cluster...

DoNot APT Expands to Europe: Targets Foreign Ministry with LoptikMod Malware via Google Drive Phishing DoNot APT, European Cyberespionage

DoNot APT Expands to Europe: Targets Foreign Ministry with LoptikMod Malware via Google Drive Phishing

Do Son July 11, 2025

In a newly uncovered campaign, the DoNot APT group—also tracked as APT-C-35, Mint Tempest, Origami Elephant, and...

Chinese State-Sponsored Hacker Xu Zewei Arrested in Italy for COVID-19 Research & Exchange Server Hacks China Cyberespionage, HAFNIUM Arrest

Chinese State-Sponsored Hacker Xu Zewei Arrested in Italy for COVID-19 Research & Exchange Server Hacks

Do Son July 9, 2025

The U.S. Department of Justice (DOJ) has unsealed a nine-count indictment against Xu Zewei (徐泽伟), 33, a...

State Secrets for Sale: China’s “Hack-for-Hire” Ecosystem Exposed in Massive VenusTech & Salt Typhoon Leaks

Do Son July 7, 2025

In a revelation from SpyCloud Labs, two confidential Chinese datasets—known as the VenusTech Data Leak and the...

“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage NightEagle APT, Exchange Zero-Day

“NightEagle” APT Group Soars Over China’s Critical Tech: Zero-Days, Exchange Exploits, and Tailored Espionage

Do Son July 7, 2025

QiAnXin’s RedDrip team has exposed the full-scale cyber operations of a shadowy state-aligned APT group dubbed NightEagle...

NimDoor: North Korean APT Uses Nim-Based Malware for Stealthy Web3 & Crypto Attacks on macOS! NimDoor, macOS Malware

NimDoor: North Korean APT Uses Nim-Based Malware for Stealthy Web3 & Crypto Attacks on macOS!

Do Son July 3, 2025

A new wave of North Korean cyberattacks is exploiting macOS systems in Web3 and cryptocurrency startups using...

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits Houken, Ivanti CSA Zero-Day

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits

Do Son July 2, 2025

The French cybersecurity agency ANSSI has exposed a sophisticated threat actor dubbed Houken. First observed exploiting zero-day...

OneClik” APT Unmasked: China-Linked Campaign Abuses Microsoft ClickOnce & AWS Cloud to Target Energy Sector CloudComputating - QSC framework

OneClik” APT Unmasked: China-Linked Campaign Abuses Microsoft ClickOnce & AWS Cloud to Target Energy Sector

Do Son June 26, 2025

The Trellix Advanced Research Center has unveiled a covert and highly sophisticated APT malware campaign dubbed OneClik,...

APT36 Unleashes Advanced Phishing Against Indian Defense Personnel: New Anti-Analysis Malware & NIC Impersonation APT36, Indian Defense Cyberattack

APT36 Unleashes Advanced Phishing Against Indian Defense Personnel: New Anti-Analysis Malware & NIC Impersonation

Do Son June 25, 2025

CYFIRMA has released an in-depth analysis detailing a highly targeted phishing campaign by APT36, also known as...

LapDogs: China-Nexus Threat Actors Deploy Covert ORB Network on 1,000+ SOHO Devices Globally LapDogs, China-Nexus ORB

LapDogs: China-Nexus Threat Actors Deploy Covert ORB Network on 1,000+ SOHO Devices Globally

Do Son June 25, 2025

In a new report, SecurityScorecard’s STRIKE threat intelligence team has exposed a covert espionage campaign dubbed “LapDogs”,...

North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft Visualization of attack chain

North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft

Do Son June 23, 2025

Huntress exposes a sophisticated intrusion by North Korean threat actor TA444, using a fake Zoom extension, AppleScript...

Russian APT UNC6293 Exploits Google Application-Specific Passwords to Hack Critics

Do Son June 20, 2025

In a new report released in cooperation with external partners, Google Threat Intelligence Group (GTIG) has attributed...

Critical Alert 1 Active Exploit Detected Today