Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Campaigns

20 articles

Infosecurity Magazine Campaigns May 26

Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign

Iran's Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning

T1566

Infosecurity Magazine →

Security Affairs Campaigns Check Point Zoom May 26

Nimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers

Nimbus Manticore accelerated cyberattacks during wartime, using AI-assisted malware, fake Zoom installers, and SEO poisoning. When the United States launched...

Security Affairs →

ESET Research Campaigns Google May 26

BTMOB: A stealthy RAT burrowing deep into Android devices

The malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise

ESET Research →

Security Affairs Campaigns May 26

Lazarus APT unveils fileless remote access Trojan designed to evade detection

North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind.

Security Affairs →

The Hacker News Campaigns May 26

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures im...

T1566

The Hacker News →

GBHackers Campaigns May 26

Malicious PDF LNK Files Deploy Cobalt Strike in Operation Dragon Whistle

A newly uncovered cyber campaign dubbed “Operation Dragon Whistle” is targeting China’s education sector with highly tailored spear-phishing attacks that dep...

T1566

GBHackers →

GBHackers Campaigns Trend Micro May 26

Jailbroken Gemini AI Abused in Credential Theft and Crypto Wallet Heist

Jailbroken Gemini AI has been weaponised in a long-running campaign that combined political influence, credential theft, and a cryptocurrency wallet heist, a...

T1078

GBHackers →

SANS ISC Campaigns Microsoft GitHub May 25

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th)

TeamPCP now operates across three package ecosystems in parallel, it reached GitHub&#;x26;#;39;s own internal codebase, it trojanized an officially Microsoft...

SANS ISC →

SANS ISC Campaigns Microsoft GitHub May 25

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th)

TeamPCP now operates across three package ecosystems in parallel, it reached GitHub&#;x26;#;39;s own internal codebase, it trojanized an officially Microsoft...

SANS ISC →

GBHackers Campaigns Microsoft May 25

APT Group Patches termsrv.dll to Enable Multiple RDP Sessions

A sustained cyber espionage campaign attributed to the Cloud Atlas advanced persistent threat (APT) group has introduced a stealthy technique that modifies t...

GBHackers →

GBHackers Campaigns May 25

Italian Authorities Dismantle CINEMAGOAL App Enabling Unauthorised Access to Streaming Platforms

Italian law enforcement agencies have dismantled a sophisticated piracy operation centered around the CINEMAGOAL application, which enabled unauthorized acce...

GBHackers →

The Hacker News Campaigns May 25

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware.

T1195 1 IOC

The Hacker News →

GBHackers Campaigns Linux May 25

Kazuar Malware Becomes Modular Spyware for Secret Blizzard Ops

A major evolution in the Kazuar malware family, a long-standing cyber espionage tool linked to the Russian state-sponsored threat group Secret Blizzard, also...

T1598

GBHackers →

GBHackers Campaigns May 25

Hackers Compromise 34 npm, PyPI, and Crates Packages in Major Supply Chain Attack

Hackers have launched a large-scale software supply chain attack targeting developers across npm, PyPI, and Crates.io, compromising at least 34 open-source p...

T1041 T1195 1 IOC

GBHackers →

BleepingComputer Campaigns GitHub May 23

Laravel Lang packages hijacked to deploy credential-stealing malware

A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated credential-stealing malware campaign after a...

T1195

BleepingComputer →

The Hacker News Campaigns Oracle GitHub Linux May 23

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

A new "coordinated" supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved f...

T1195

The Hacker News →

The Hacker News Campaigns May 23

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to del...

T1195

The Hacker News →

Security Affairs Campaigns May 23

Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets

Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads. The Belarus-nexus APT group Ghostwrite...

T1566

Security Affairs →

GBHackers Campaigns Google May 23

Hackers Use SEO Poisoning to Fake Gemini CLI, Claude Installers

Financially motivated threat actors are running an active campaign that impersonates Google’s Gemini CLI and Anthropic’s Claude Code, using SEO poisoning to ...

GBHackers →

The Hacker News Campaigns May 22

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine's National Security and Defense Council) has been observed using lures...

T1566

The Hacker News →

«Previous page 1 ... 18 19 20 21 22 ... 31 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA