Nation-State Groups

MuddyWater Iran

Iranian MOIS-linked group targeting telecommunications, government, and defense sectors across the M…

10 articles 9 in 90d
Turla Russia

Russian FSB group known for sophisticated cyber-espionage campaigns targeting governments, embassies…

7 articles 6 in 90d
APT28 (Fancy Bear) Russia

Russian military intelligence (GRU) hacking group active since mid-2000s. Known for targeting NATO g…

4 articles 4 in 90d
Lazarus Group North Korea

North Korean state-sponsored group linked to the Reconnaissance General Bureau. Responsible for majo…

4 articles 3 in 90d
Sandworm Russia

GRU Unit 74455 responsible for destructive attacks including NotPetya, attacks on Ukrainian power gr…

2 articles 1 in 90d
Kimsuky North Korea

North Korean APT group focused on intelligence gathering, targeting South Korean government, think t…

2 articles 2 in 90d
Salt Typhoon China

Chinese threat actor responsible for major breaches of US telecommunications providers, targeting wi…

2 articles 2 in 90d
Gamaredon Russia

Russian FSB-linked group almost exclusively targeting Ukrainian government, military, and critical i…

2 articles 1 in 90d
Volt Typhoon China

Chinese state-sponsored group focused on critical infrastructure targeting, particularly US military…

1 article 1 in 90d
Mustang Panda China

Chinese APT group targeting Southeast Asian governments, NGOs, and minorities using PlugX malware.

1 article 1 in 90d
OceanLotus Vietnam

Vietnamese state-sponsored group conducting espionage against foreign governments, dissidents, and j…

1 article 1 in 90d
APT29 (Cozy Bear) Russia

Russian Foreign Intelligence Service (SVR) group known for sophisticated long-term intrusions into g…

0 articles
APT41 (Double Dragon) China

Chinese state-sponsored group conducting both espionage and financially motivated cybercrime. Known …

0 articles
Charming Kitten Iran

Iranian IRGC-linked group conducting phishing and credential theft against journalists, academics, h…

0 articles
Flax Typhoon China

Chinese state-sponsored group targeting Taiwanese organizations and critical infrastructure sectors …

0 articles
Star Blizzard Russia

Russian FSB-linked group conducting targeted spear-phishing against NGOs, journalists, and academic …

0 articles
SideWinder India

Suspected Indian state-sponsored group targeting military and government organizations in Pakistan, …

0 articles
BlackTech China

Chinese APT group targeting tech, media, and telecommunications companies in East Asia, particularly…

0 articles
UNC3886 China

Sophisticated Chinese espionage group targeting VMware ESXi hypervisors and network edge devices wit…

0 articles
UNC4736 North Korea

North Korean-linked group responsible for the 3CX supply chain attack in 2023.

0 articles
Ember Bear Russia

Russian GRU-linked group conducting destructive attacks against Ukrainian targets, associated with W…

0 articles

Cybercriminal Groups

Scattered Spider Unknown

English-speaking cybercriminal group known for sophisticated social engineering, SIM swapping, and r…

5 articles 3 in 90d
REvil Russia

Russian ransomware-as-a-service operation responsible for attacks on Kaseya, JBS Foods, and Travelex…

1 article 1 in 90d
FIN7 Unknown

Prolific financially motivated group known for targeting retail, hospitality, and restaurant sectors…

0 articles
FIN11 Unknown

Financially motivated group known for large-scale phishing campaigns and deployment of Clop ransomwa…

0 articles
TA505 Unknown

Prolific threat actor operating large-scale malware distribution campaigns including Dridex and Clop…

0 articles
TA577 Unknown

Cybercriminal group known for high-volume phishing campaigns distributing QakBot and other malware.

0 articles
TA569 Unknown

Threat actor operating SocGholish (FakeUpdates) malware distribution network through compromised web…

0 articles
Wizard Spider Russia

Russian-speaking cybercriminal group operating TrickBot and Conti ransomware. Known for targeting ho…

0 articles
LockBit Gang Unknown

Operators of the LockBit ransomware-as-a-service platform, one of the most prolific ransomware group…

0 articles
BlackCat Operators Unknown

Operators of the ALPHV/BlackCat ransomware, responsible for major attacks including Change Healthcar…

0 articles
Cl0p Gang Unknown

Cybercriminal group behind the Clop ransomware, known for mass exploitation of zero-day vulnerabilit…

0 articles
DarkSide Unknown

Ransomware group responsible for the Colonial Pipeline attack in 2021, causing widespread fuel short…

0 articles
Rhysida Gang Unknown

Ransomware group that emerged in 2023, targeting healthcare, education, and government sectors. Know…

0 articles
Akira Gang Unknown

Ransomware-as-a-service operation active since 2023, targeting SMBs across multiple sectors with dou…

0 articles
Play Gang Unknown

Ransomware group targeting enterprise networks, known for exploiting Exchange vulnerabilities and us…

0 articles
BianLian Gang Unknown

Ransomware group that shifted from encryption-based to pure extortion model, targeting healthcare, p…

0 articles
Medusa Gang Unknown

Ransomware group known for maintaining a public Telegram channel to pressure victims and publish sto…

0 articles
8Base Unknown

Ransomware group that surged in activity in 2023, targeting SMBs with Phobos ransomware and operatin…

0 articles
Hunters International Unknown

Ransomware group that appeared in late 2023, believed to be a rebranded or spin-off of the Hive rans…

0 articles
Fancy Lazarus Unknown

Group conducting ransom DDoS (RDoS) campaigns threatening organizations with DDoS attacks unless ran…

0 articles
Evil Corp Russia

Russian cybercriminal organization led by Maksim Yakubets, responsible for Dridex banking trojan and…

0 articles

Hacktivist Groups

Unknown Groups

NSO
96 articles 92 in 90d auto-detected
Threat Intelligence
37 articles 29 in 90d auto-detected
Privacy
22 articles 15 in 90d auto-detected
Incident Response
10 articles 9 in 90d auto-detected
BitLocker
9 articles 9 in 90d auto-detected
Cyber Espionage
7 articles 7 in 90d auto-detected
Insikt
6 articles 5 in 90d auto-detected
Networking
5 articles 5 in 90d auto-detected
New Threat
4 articles 2 in 90d auto-detected
Android Security
4 articles auto-detected
Nitrogen Ransomware
4 articles 4 in 90d auto-detected
Handala
3 articles 3 in 90d auto-detected
Chrome Security
3 articles 2 in 90d auto-detected
DDoS Botnet
3 articles 3 in 90d auto-detected
Interlock Ransomware
2 articles 1 in 90d auto-detected
BlackFile
2 articles 2 in 90d auto-detected
APT37
2 articles 2 in 90d auto-detected
Unveiling
2 articles 1 in 90d auto-detected
Google Pixel
2 articles 2 in 90d auto-detected
GenAI Security
2 articles 1 in 90d auto-detected
Source Security
2 articles 1 in 90d auto-detected
Gentlemen Ransomware
2 articles 2 in 90d auto-detected
Know Insikt
1 article 1 in 90d auto-detected
Explore Insikt
1 article 1 in 90d auto-detected
Rublevka
1 article auto-detected
Operation Rublevka
1 article auto-detected
Analyst Says
1 article 1 in 90d auto-detected
BlackCat Cyber
1 article 1 in 90d auto-detected
UNC6783
1 article 1 in 90d auto-detected
TA416
1 article 1 in 90d auto-detected
Pay2Key Ransomware
1 article 1 in 90d auto-detected
Notorious Cybercrime
1 article 1 in 90d auto-detected
UNC2814
1 article 1 in 90d auto-detected
Rewards Program
1 article 1 in 90d auto-detected
Root Program
1 article auto-detected
Android Red
1 article auto-detected
TA423
1 article auto-detected
UNC6692
1 article 1 in 90d auto-detected
UNC6201
1 article auto-detected
UNC1069
1 article auto-detected
Ukraine BO
1 article 1 in 90d auto-detected
Corruption Data
1 article 1 in 90d auto-detected
UNC5342
1 article auto-detected
UNC5142
1 article auto-detected
UNC6040
1 article auto-detected
Your Purple
1 article 1 in 90d auto-detected
Volkswagen
1 article 1 in 90d auto-detected
Cybersecurity Working
1 article 1 in 90d auto-detected
Drupal Security
1 article 1 in 90d auto-detected
UNC1151
1 article 1 in 90d auto-detected