Nation-State: 1,600 Victims Hit by South American APT’s Malware. South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign. (Ionut Arghire, March 11, 2025)
Malware & Threats: How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist. The $1.4 billion ByBit cryptocurrency heist combined social engineering, stolen AWS session tokens, MFA bypasses and a rigged JavaScript file. (Ryan Naraine, March 6, 2025)
Malware & Threats: China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain. Silk Typhoon APT caught using IT supply chain entry points to conduct reconnaissance, siphon data, and move laterally on victim networks. (Ryan Naraine, March 5, 2025)
Nation-State: Iranian Hackers Target UAE Firms With Polyglot Files. An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano. (Ionut Arghire, March 5, 2025)
Nation-State: North Korean Fake IT Workers Pose as Blockchain Developers on GitHub. North Korean fake IT workers are creating personas on GitHub to land blockchain developer jobs at US and Japanese firms. (Ionut Arghire, March 5, 2025)
Malware & Threats: Freelance Software Developers in North Korean Malware Crosshairs. ESET says hundreds of freelance software developers have fallen victim to North Korean hackers posing as recruiters. (Ionut Arghire, February 21, 2025)
Nation-State: Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics. Cisco Talos observed Chinese hackers pivoting from a compromised device operated by one telecom to target a device in another telecom. (Ryan Naraine, February 21, 2025)
Nation-State: How China Pinned University Cyberattacks on NSA Hackers. A researcher dives into Chinese reports attributing cyberattacks on Northwestern Polytechnical University to the NSA’s TAO division. (Ionut Arghire, February 21, 2025)
Cybercrime: Chinese APT Tools Found in Ransomware Schemes, Blurring Attribution Lines. China-linked cyberespionage toolkits are popping up in ransomware attacks, forcing defenders to rethink how they combat state-backed hackers. (Ryan Naraine, February 20, 2025)
Malware & Threats: How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying. Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations. (Ryan Naraine, February 19, 2025)
Nation-State: Russian State Hackers Target Organizations With Device Code Phishing. Russian hackers have been targeting government, defense, telecoms, and other organizations in a device code phishing campaign. (Ionut Arghire, February 17, 2025)
Nation-State: Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks. China-linked APT Salt Typhoon has been exploiting known vulnerabilities in Cisco devices in attacks on telecom providers in the US and abroad. (Ionut Arghire, February 14, 2025)