Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft
New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo
Campaigns
20 articles
GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use
Introduction In the final quarter of 2025, Google Threat Intelligence Group (GTIG) observed threat actors increasingly integrating artificial intelligence (A...
Nation-State Hackers Embrace Gemini AI for Malicious Campaigns, Google Finds
Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle
North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms
Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware
Singapore Takes Down Chinese Hackers Targeting Telco Networks
Operation Cyber Guardian was Singapore’s largest and longest running anti-cyber threat law enforcement operation
UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering
Written by: Ross Inman, Adrian Hernandez Introduction North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentr...
Rublevka Team: Anatomy of a Russian Crypto Drainer Operation
Rublevka Team exemplifies the industrialization of crypto scams. Learn how traffer teams and wallet drainers enable high-volume theft.
New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials
Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF
Android RAT Uses Hugging Face to Host Malware
Bitdefender has discovered a new Android malware campaign that uses Hugging Face
Labyrinth Chollima Evolves into Three North Korean Hacking Groups
CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers
New AI-Developed Malware Campaign Targets Iranian Protests
The RedKitten campaign distributes lures designed to target people seeking information about missing persons or political dissidents in Iran
Operation Winter SHIELD: FBI Issues Call to Arms for Organizations to Improve Cybersecurity
The FBI outlines ten actions which organizations can take to defend networks against cybercriminal and nation-state threats
Emojis in PureRAT’s Code Point to AI-Generated Malware Campaign
Researchers discover that PureRAT’s code now contains emojis – indicating it has been written by AI based-on comments ripped from social media.
Researchers Uncover “Haxor” SEO Poisoning Marketplace
Fortra researchers have discovered a new SEO poisoning operation known as “HaxorSEO”
Wiper Attack on Polish Power Grid Linked to Russia’s Sandworm
A destructive cyber attack targeting Poland’s energy sector has been linked to Russian APT group Sandworm
LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords
Phoney email alerts suggest users need to backup their LastPass accounts within 24 hours.
Peruvian Loan Scam Harvests Cards and PINs via Fake Applications
Loan phishing operation in Peru is stealing card info by impersonating financial institutions
LinkedIn Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs
Cybersecurity Researchers at ReliaQuest warn of an ongoing campaign delivered to “high-value individuals” via LinkedIn messages
TamperedChef Malvertising Campaign Drops Malware via Fake PDF Manuals
TamperedChef creates backdoors and steals user credentials – particularly in organizations reliant on technical equipment
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmenta...