Chinese Hackers Target European Governments in Espionage Campaigns
Chinese state-backed group TA416 had suspended its cyber espionage operations in Europe since 2023, noted Proofpoint
Defense
20 articles
Mimecast makes enterprise email security deployable in minutes
Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations...
Allegedly stolen Lockheed Martin data being peddled for almost $600M
Leading U.S.
China-linked groups conduct sophisticated cyber espionage against Southeast Asian government
Security Affairs reports that multiple China-linked threat groups executed a complex cyber campaign against a Southeast Asian government in 2025, employing a...
Download: 2026 SANS Identity Threats & Defenses Survey
New research from the 2026 SANS Identity Threats & Defenses Survey shows that 55% of organizations experienced an identity-related compromise last year, whil...
Google Introduces Advanced Ransomware Defense and Recovery Features in Drive
Google has officially moved its advanced ransomware detection and file restoration features for Google Drive out of beta, making them generally available to ...
Apple Adds ClickFix Attack Warnings in New macOS Tahoe Security Feature
Apple has silently introduced a new security mechanism in macOS Tahoe 26.4 to protect users against social engineering campaigns known as ClickFix attacks.
DeepLoad Malware Uses ClickFix and AI Evasion to Hit Enterprise Networks
New “DeepLoad” malware is turning a single user click into fileless, credential‑stealing persistence inside enterprise networks, leveraging the ClickFix tech...
India Set to Ban Hikvision, TP-Link Devices in April
Starting April 1, 2026, the Indian government will officially enforce a nationwide ban on the sale of internet-connected CCTV cameras from major Chinese manu...
TA446 Uses DarkSword Exploit Kit to Target iPhone Users
TA446, a Russia-linked espionage group, has started using the DarkSword exploit kit to compromise iOS devices in a new phishing wave that abuses Atlantic Cou...
Why risk alone doesn’t get you to yes
I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission...
How Microsoft Defender protects high-value assets in real-world attack scenarios
High-value assets including domain controllers, web servers, and identity infrastructure are frequent targets in sophisticated attacks. Microsoft Defender ap...
Doppel's Bobby Ford on why legacy controls are failing
Doppel's Bobby Ford explains how AI-powered impersonation and deepfake-enabled campaigns are exposing critical gaps in legacy defenses.
Hackers Deploy USB Malware, RATs, and Stealers in Southeast Asian Government Attacks
A multi-cluster cyberespionage operation in which attackers used USB-propagated malware, multiple RATs, loaders, and a custom stealer to target a Southeast A...
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked thre...
Hackers Implant Stealthy BPFdoor Backdoors in Telecom Networks for Persistent Access
A China-nexus threat actor known as Red Menshen is planting stealthy backdoors deep inside global telecommunications networks. According to a recent investig...
Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government
Unit 42 uncovers multiple clusters of cyberespionage targeting a Southeast Asian government organization with USBFect, RATs and loaders. The post Converging ...
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government net...
Former NSA chiefs worry American offensive edge in cybersecurity is slipping
A systemic numbness to cyberattacks has exposed the U.S.
Coruna iOS exploit framework linked to Triangulation attacks
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click...