OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a...
Campaigns
20 articles
OceanLotus: From external espionage to domestic targeting
A shift in operational pattern of the infamous Vietnam-aligned APT group
Making the cloud prove it followed your privacy wishes
Making companies that store personal data in cloud key-value databases handle deletion requests by running the operation and confirming the job is complete. ...
OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers
The company says there’s little evidence it influenced any real policy discussion. The post OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT...
New Browser-in-the-Browser phishing uses fake login popups to steal Microsoft 365 credentials
A new Browser-in-the-Browser (BitB) phishing campaign is targeting Microsoft 365 users with fake login popups designed to closely mimic legitimate browser au...
Hackers Use Fake Utility Downloads to Deploy ScreenConnect and Cryptominers
An active cryptojacking campaign in which malicious download sites are surfaced not only through traditional search engine poisoning, but also through AI cha...
UK weakens proposed telecoms defenses against Chinese hackers after industry pushback
Britain has weakened proposed cybersecurity protections for its telecoms networks that were developed in response to the Salt Typhoon espionage campaign, aft...
New BitB Phishing Attack Targets Microsoft 365 Logins
A new Browser-in-the-Browser (BitB) phishing campaign is abusing fake OAuth login windows to steal Microsoft 365 credentials, and its design is polished enou...
North Korea Hackers Weaponize GitHub to Target Developers
A sustained phishing campaign that leverages developer recruitment and code-review lures to deliver cross‑platform malware via attacker-controlled GitHub rep...
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Pyt...
WhatsApp Blocks Pegasus Spyware Campaign Linked to NSO Group
WhatsApp has disrupted a new spyware campaign linked to the NSO Group, the controversial surveillance vendor behind Pegasus, while simultaneously seeking leg...
NFCShare Android Malware Spreads via Weaponized Banking Apps
A renewed and operationally refined wave of the NFCShare Android banking trojan that delivers NFC card-data theft by masquerading as legitimate banking appli...
Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor
Operation FlutterBridge uses fake Google ads and shell companies to deploy FlutterShell, a new macOS backdoor targeting unsuspecting users.
Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint
The company said it spotted a spearphishing campaign linked to the Israeli spyware maker targeting WhatsApp users, despite a court order prohibiting it. The ...
TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th)
This diary continues the Internet Storm Center&#;x26;#;39;s tracking of the TeamPCP supply chain campaign, first documented in the SANS white paper When the ...
UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms
UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB dri...
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families co...
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across pr...
When attacks spread too far: Lessons from real cyber attack case studies
In this Help Net Security video, Michael Adjei, Director, Systems Engineering at Illumio, explains three real world cyber attacks and what went wrong during ...
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malw...