The Lazarus hacking group has resurfaced—this time targeting European defence firms engaged in unmanned aerial systems development. ESET traces the activity to the DreamJob campaign, attributed to North Korea, which habitually employs bogus job...
The PhantomCaptcha operation proved to be one of the most sophisticated phishing campaigns of recent months, directed at humanitarian and administrative organizations. According to SentinelLabs, the attackers orchestrated a meticulously crafted scheme, masquerading as...
Group-IB’s Threat Intelligence team has published a detailed analysis of a new cyber-espionage campaign very likely attributable to the MuddyWater APT. The intrusion began with a compromised mailbox that the attackers accessed via a...
In recent years, cyberspace has become a theater of covert conflict, where the actions of one state can directly affect the scientific and technological institutions of another. A large-scale, long-running cyber operation was recently...
Over the past two years, Kaspersky Lab researchers have been tracking a little-known espionage campaign dubbed PassiveNeuron. Initial server compromises of government organizations were observed as early as 2024, yet for a long time...
The South Korean government has officially confirmed a cyberattack on the nation’s key infrastructure—two months after the incident occurred. According to the report, attackers gained access to the Onnara document management system, used by...
The Chinese Ministry of State Security (MSS) has announced the uncovering of “irrefutable evidence” pertaining to a cyber-attack targeting the National Time Service Center (NTSC), the institution entrusted with maintaining the standard Beijing Time....
A North Korean–linked group has, for the first time, adopted EtherHiding — a technique that conceals malicious code inside smart contracts on public blockchains and swaps payloads on the fly. Google’s Threat Intelligence Team...
For more than a year, a Chinese hacking group had been covertly exploiting an ArcGIS server as a clandestine access channel, transforming it into a resilient point of persistence. The campaign, uncovered by ReliaQuest...
Hacktivists typically move from words to action within a matter of days or weeks after issuing their public threats. This conclusion was drawn by the Kaspersky Lab research team, which analyzed the activities of...
In August 2025, researchers from Huntress observed a cyberattack involving the abuse of the legitimate server-monitoring tool Nezha, which was originally designed for system performance tracking. During the campaign, threat actors — allegedly linked...
A drone that falls under the control of malicious actors can transform in a fraction of a second from a precise instrument into an unpredictable threat. Once compromised, it begins to behave erratically—hovering, spinning...
