Threat Groups

Threat actors tracked across all RSS feeds — nation-states, ransomware gangs, and hacktivists

Nation-State Nation-State Groups

Star Blizzard Russia

Russian FSB-linked group conducting targeted spear-phishing against NGOs, journalists, and academic …

4 articles 4 in 90d
APT28 (Fancy Bear) Russia

Russian military intelligence (GRU) hacking group active since mid-2000s. Known for targeting NATO g…

3 articles 3 in 90d
Lazarus Group North Korea

North Korean state-sponsored group linked to the Reconnaissance General Bureau. Responsible for majo…

2 articles 1 in 90d
Sandworm Russia

GRU Unit 74455 responsible for destructive attacks including NotPetya, attacks on Ukrainian power gr…

2 articles 2 in 90d
MuddyWater Iran

Iranian MOIS-linked group targeting telecommunications, government, and defense sectors across the M…

2 articles 1 in 90d
Turla Russia

Russian FSB group known for sophisticated cyber-espionage campaigns targeting governments, embassies…

1 articles
Kimsuky North Korea

North Korean APT group focused on intelligence gathering, targeting South Korean government, think t…

1 articles 1 in 90d
Gamaredon Russia

Russian FSB-linked group almost exclusively targeting Ukrainian government, military, and critical i…

1 articles
APT29 (Cozy Bear) Russia

Russian Foreign Intelligence Service (SVR) group known for sophisticated long-term intrusions into g…

0 articles
APT41 (Double Dragon) China

Chinese state-sponsored group conducting both espionage and financially motivated cybercrime. Known …

0 articles
Charming Kitten Iran

Iranian IRGC-linked group conducting phishing and credential theft against journalists, academics, h…

0 articles
Volt Typhoon China

Chinese state-sponsored group focused on critical infrastructure targeting, particularly US military…

0 articles
Salt Typhoon China

Chinese threat actor responsible for major breaches of US telecommunications providers, targeting wi…

0 articles
Flax Typhoon China

Chinese state-sponsored group targeting Taiwanese organizations and critical infrastructure sectors …

0 articles
Mustang Panda China

Chinese APT group targeting Southeast Asian governments, NGOs, and minorities using PlugX malware.

0 articles
OceanLotus Vietnam

Vietnamese state-sponsored group conducting espionage against foreign governments, dissidents, and j…

0 articles
SideWinder India

Suspected Indian state-sponsored group targeting military and government organizations in Pakistan, …

0 articles
BlackTech China

Chinese APT group targeting tech, media, and telecommunications companies in East Asia, particularly…

0 articles
UNC3886 China

Sophisticated Chinese espionage group targeting VMware ESXi hypervisors and network edge devices wit…

0 articles
UNC4736 North Korea

North Korean-linked group responsible for the 3CX supply chain attack in 2023.

0 articles
Ember Bear Russia

Russian GRU-linked group conducting destructive attacks against Ukrainian targets, associated with W…

0 articles

Cybercriminal Cybercriminal Groups

Scattered Spider Unknown

English-speaking cybercriminal group known for sophisticated social engineering, SIM swapping, and r…

1 articles
FIN7 Unknown

Prolific financially motivated group known for targeting retail, hospitality, and restaurant sectors…

0 articles
FIN11 Unknown

Financially motivated group known for large-scale phishing campaigns and deployment of Clop ransomwa…

0 articles
TA505 Unknown

Prolific threat actor operating large-scale malware distribution campaigns including Dridex and Clop…

0 articles
TA577 Unknown

Cybercriminal group known for high-volume phishing campaigns distributing QakBot and other malware.

0 articles
TA569 Unknown

Threat actor operating SocGholish (FakeUpdates) malware distribution network through compromised web…

0 articles
Wizard Spider Russia

Russian-speaking cybercriminal group operating TrickBot and Conti ransomware. Known for targeting ho…

0 articles
LockBit Gang Unknown

Operators of the LockBit ransomware-as-a-service platform, one of the most prolific ransomware group…

0 articles
BlackCat Operators Unknown

Operators of the ALPHV/BlackCat ransomware, responsible for major attacks including Change Healthcar…

0 articles
Cl0p Gang Unknown

Cybercriminal group behind the Clop ransomware, known for mass exploitation of zero-day vulnerabilit…

0 articles
REvil Russia

Russian ransomware-as-a-service operation responsible for attacks on Kaseya, JBS Foods, and Travelex…

0 articles
DarkSide Unknown

Ransomware group responsible for the Colonial Pipeline attack in 2021, causing widespread fuel short…

0 articles
Rhysida Gang Unknown

Ransomware group that emerged in 2023, targeting healthcare, education, and government sectors. Know…

0 articles
Akira Gang Unknown

Ransomware-as-a-service operation active since 2023, targeting SMBs across multiple sectors with dou…

0 articles
Play Gang Unknown

Ransomware group targeting enterprise networks, known for exploiting Exchange vulnerabilities and us…

0 articles
BianLian Gang Unknown

Ransomware group that shifted from encryption-based to pure extortion model, targeting healthcare, p…

0 articles
Medusa Gang Unknown

Ransomware group known for maintaining a public Telegram channel to pressure victims and publish sto…

0 articles
8Base Unknown

Ransomware group that surged in activity in 2023, targeting SMBs with Phobos ransomware and operatin…

0 articles
Hunters International Unknown

Ransomware group that appeared in late 2023, believed to be a rebranded or spin-off of the Hive rans…

0 articles
Fancy Lazarus Unknown

Group conducting ransom DDoS (RDoS) campaigns threatening organizations with DDoS attacks unless ran…

0 articles
Evil Corp Russia

Russian cybercriminal organization led by Maksim Yakubets, responsible for Dridex banking trojan and…

0 articles

Hacktivist Hacktivist Groups

NoName057(16) Russia

Pro-Russian hacktivist group conducting DDoS attacks against Ukraine and Western governments support…

0 articles
Anonymous Sudan Sudan

Hacktivist group conducting large-scale DDoS attacks, suspected of ties to Russian interests despite…

0 articles
Killnet Russia

Pro-Russian hacktivist group conducting DDoS attacks against governments and organizations supportin…

0 articles

Unknown Unknown Groups

Threat Intelligence
24 articles 23 in 90d auto-detected
Extortion
21 articles 20 in 90d auto-detected
Privacy
17 articles 9 in 90d auto-detected
Handala
11 articles 11 in 90d auto-detected
North Korean
9 articles 9 in 90d auto-detected
UNC1069
8 articles 8 in 90d auto-detected
Insikt
6 articles 6 in 90d auto-detected
Handala Hack
6 articles 6 in 90d auto-detected
Android Security
6 articles 1 in 90d auto-detected
Lloyds
5 articles 5 in 90d auto-detected
TA416
5 articles 5 in 90d auto-detected
Incident Response
4 articles 4 in 90d auto-detected
Chrome Security
3 articles auto-detected
Lloyds Banking
3 articles 3 in 90d auto-detected
Leaks Ransomware
2 articles 2 in 90d auto-detected
Unveiling
2 articles 2 in 90d auto-detected
Root Program
2 articles auto-detected
GenAI Security
2 articles 1 in 90d auto-detected
Emergency Response
2 articles 2 in 90d auto-detected
Trusted Computing
1 articles 1 in 90d auto-detected
Know Insikt
1 articles 1 in 90d auto-detected
Explore Insikt
1 articles 1 in 90d auto-detected
Rublevka
1 articles 1 in 90d auto-detected
Operation Rublevka
1 articles 1 in 90d auto-detected
Harvesting Insikt
1 articles 1 in 90d auto-detected
APT37
1 articles 1 in 90d auto-detected
Notorious Cybercrime
1 articles 1 in 90d auto-detected
UNC2814
1 articles 1 in 90d auto-detected
Korean Lazarus
1 articles 1 in 90d auto-detected
Chinese APT
1 articles 1 in 90d auto-detected
Noise Global
1 articles 1 in 90d auto-detected
Basta Ransomware
1 articles 1 in 90d auto-detected
TA423
1 articles auto-detected
Sansec Forensics
1 articles 1 in 90d auto-detected
Talent Acquisition
1 articles 1 in 90d auto-detected
Networking
1 articles 1 in 90d auto-detected
Android Red
1 articles auto-detected
Source Security
1 articles auto-detected
Njordium Cyber
1 articles 1 in 90d auto-detected
UNC6201
1 articles 1 in 90d auto-detected
APT24
1 articles auto-detected
TA551
1 articles 1 in 90d auto-detected
Pay2Key Ransomware
1 articles 1 in 90d auto-detected
Iranian Hacking
1 articles 1 in 90d auto-detected
Rewards Program
1 articles 1 in 90d auto-detected
Match
1 articles 1 in 90d auto-detected
Huione
1 articles 1 in 90d auto-detected
Iranian Hacker
1 articles 1 in 90d auto-detected
Things References
1 articles 1 in 90d auto-detected
UNC6040
1 articles 1 in 90d auto-detected