Will AI Kill the Bug Bounty Industry?
Anthropic's Mythos is accelerating vulnerability discovery to machine speed, forcing the bug bounty industry and offensive security teams to adapt to a futur...
APT
Unknown
auto-detected
AI Intelligence Brief cached
Edit Profile
Entity Relationships
Related YARA Rules View all on YARA Rules page →
90-Day Activity
Last 90 Days (20)
Last 90 Days
All Time
15 tough cybersecurity questions every CISO must answer
As CISOs know, an effective security program cannot be static. Rather, it must adapt to the evolving threat landscape and an ever-changing business environment.
Chinese APT deploys new malware to keep access to hacked networks
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware ...
Chinese APT VerdantBamboo Targets Appliances with BRICKSTORM Malware
BRICKSTORM is a modular remote access trojan (RAT) originally seen in Golang and later in Rust. It uses a wssoft library with pluggable “tasks” for shell com...
Inside the race to adapt to an AI-powered security world
AI is breaking things faster than anyone can fix them. Security leaders across the industry are racing to figure out what comes next.
Ultrahuman reports customer wellness data accessed in breach
Ultrahuman confirmed that attackers accessed customer data using credentials stolen from an employee's malware-infected laptop.
North Korean APT Targets macOS to Steal Crypto Wallets and SSH Keys
A newly uncovered macOS intrusion campaign attributed to the North Korean state-sponsored threat group Sapphire Sleet, also known as BlueNoroff or UNC1069, i...
Hackers Use Spearphishing to Deploy AZUREVEIL Adaptix C2 Agent
Hackers are actively deploying a sophisticated malware framework dubbed AZUREVEIL, an Adaptix-based command-and-control (C2) agent, through a targeted spearp...
Nimbus Manticore APT Uses Fake Jobs to Deliver Custom Malware
A newly observed cyber campaign linked to the Iran-aligned threat group Nimbus Manticore (also tracked as UNC1549 and Smoke Sandstorm) is targeting aerospace...
This AI model backdoor attack stays hidden until you customize the model
Most teams that deploy AI start with a backbone model. They download a large pre-trained system, adapt it to a specific task, and put it into production.
Secure Code Warrior connects developer training to AI usage and code risks
Secure Code Warrior has introduced Adaptive Learning, a capability designed to help organizations support AI software governance through targeted training ba...
Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies
ESET’s 2026 APT Activity Report suggests China-backed APTs are using instability in the region to target victims, as well as continuing activity against orga...
[remote] Microsoft - NTLMv2 Hash Capture
Microsoft - NTLMv2 Hash Capture
Hackers Pivot from marimo RCE to Internal Database Using LLM Agent
A newly observed intrusion demonstrates how attackers are replacing static playbooks with AI-driven agents that adapt in real time. The attack began on May 1...
Oil shipments, drone makers, and a poisoned code library targeted in recent APT campaigns
Geopolitical pressure drove much of the state-sponsored cyber activity recorded between October 2025 and March 2026, according to ESET’s latest APT Activity ...
ESET APT Activity Report Q4 2025–Q1 2026
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026
Another IT governance headache: AI-enabled sanction evasion
Over the next three to five years, both governments and the private sector will need to rapidly adapt identification and mitigation protocols as adversaries ...
Iranian APT Targets Aviation, Software Companies With Updated Tools
Nimbus Manticore has continued its operations during and after the US military campaign against Iran. The post Iranian APT Targets Aviation, Software Compani...
Lazarus APT unveils fileless remote access Trojan designed to evade detection
North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind.
APT Group Patches termsrv.dll to Enable Multiple RDP Sessions
A sustained cyber espionage campaign attributed to the Cloud Atlas advanced persistent threat (APT) group has introduced a stealthy technique that modifies t...