Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
An active phishing campaign has been observed targeting multiple vectors since at least April 2025 with legitimate Remote Monitoring and Management (RMM) sof...
Campaigns
20 articles
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
Microsoft Defender Research observed a large-scale credential theft campaign that exemplifies this trend, using code of conduct-themed lures, a multi-step at...
Small Defense Firms Lack Network Data to Stop Nation-State Hackers, Analyst Says
Team Cymru’s Stephen Campbell warned that small US defense contractors are not well prepared to face cyber intrusions through edge devices
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
The China-based cybercrime group known as Silver Fox (aka Monarch, SwimSnake, The Great Thief of Valley, UTG-Q-1000, and Void Arachne) has been linked to a n...
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
A coordinated international operation involving U.S.
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails with an aim to c...
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and S...
Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
On April 23, 2026, the U.S.
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to ...
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targ...
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware.
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer...
Chinese National Extradited Over Silk Typhoon Cyber Campaign
Extradition links alleged MSS-directed hacker to Silk Typhoon and COVID-19 espionage
North Korean Hackers Target Crypto Firms with ClickFix and AI-Made Zoom Lures
Arctic Wolf attributed this large-scale spear-phishing campaign to BlueNoroff, a financially motivated subgroup of the Lazarus Group
Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite
Written by: JP Glab, Tufail Ahmed, Josh Kelley, Muhammad Umair Introduction Google Threat Intelligence Group (GTIG) identified a multistage intrusion campaig...
FIRESTARTER Backdoor
Malware Analysis Report at a Glance Malware Name FIRESTARTER Original Publication April 23, 2026 Executive Summary The Cybersecurity and Infrastructure Secur...
GopherWhisper: A burrow full of malware
ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian governmental institutions
UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats, NCSC Warns
The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns
What the ransom note won’t say
An attack is what you see, but a business operation is what you’re up against
DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’
Coordinated action by FBI, Europol and others seizes infrastructure, makes arrests – and sends warning letters to known DDoS service users