Operation Alice Takes Down 370,000+ Dark Web Sites
German-led policing effort against fraud operation disrupts countless CSAM and cybercrime sites
Campaigns
20 articles
Surge in Nation State Attacks on UK Firms Amid Cyber Warfare Fears
Armis reveals that “mutually assured disruption” is no longer preventing state-backed attacks
FBI Calls for Help to Track Steam Malware Campaign
The FBI wants to hear from gamers who have downloaded Steam titles containing malware
Law Enforcement Dismantles SocksEscort Proxy Network in Operation Lightning
Operation Lightning sees international law enforcement partners shut down ‘SocksEscort,’ a major malicious proxy service used by cybercriminals worldwide
“Handala Hack” – Unveiling Group’s Modus Operandi
Key Findings Introduction Handala Hack, also tracked by Check Point Research as Void Manticore, is an Iranian threat actor that is known for multiple destruc...
Compromised WordPress Sites Deliver ClickFix Attacks in Global Infostealer Campaign
Over 250 legitimate websites, including news outlets and a US Senate candidate’s official webpage, been compromised to infect visitors with infostealers, war...
BlackSanta EDR-Killer Targets HR Teams in CV-Themed Campaign
BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data
ShinyHunters Targets Hundreds of Websites in New Salesforce Campaign
Prolific ShinyHunters group claims to have stolen data from nearly 400 websites in Experience Cloud attacks
Sednit reloaded: Back in the trenches
The resurgence of one of Russia’s most notorious APT groups
Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor
A bank, an airport, a non-profit and the Israeli branch of a US software company were among the targets of this new MuddyWater campaign
Multi-Stage "BadPaw" Malware Campaign Targets Ukraine
Malware campaign uses Ukrainian email service for credibility, deploying "BadPaw" to execute attacks
Israel: RedAlert Spyware Campaign Exploits Wartime Panic With Trojanized App
Espionage campaign exploits Israel-Iran conflict, distributing a trojanized Red Alert app via SMS
Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign
Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack
Google Disrupts ‘Prolific’ and ‘Elusive’ China-Linked Global Hacking Campaign
UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation
Unmasking Agent Tesla: A Deep Dive into a Multi-Stage Campaign
FortiGuard Labs provides a technical breakdown of a multi-stage Agent Tesla campaign, from phishing and encrypted scripts to in-memory execution, process hol...
Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign
Introduction Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecomm...
Preparing for Russia’s New Generation Warfare in Europe
Russia is escalating its hybrid warfare against NATO into a coordinated, full-scale campaign blending cyber attacks, sabotage, and influence operations. Read...
GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack
GrayCharlie turns compromised WordPress sites into malware delivery machines. Discover how this threat actor chains fake browser updates and ClickFix lures t...
GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use
Introduction In the final quarter of 2025, Google Threat Intelligence Group (GTIG) observed threat actors increasingly integrating artificial intelligence (A...