China-Linked APT Clusters Launch Coordinated Cyber Campaign Against Southeast Asian Government in 2025
Key Findings: Three China-linked threat clusters targeted a Southeast Asian government organization throughout 2025 in a sophisticated, well-resourced cyber campaign. Mustang Panda (Stately Taurus) deployed PUBLOAD malware via USB-infected drives between June and August 2025. CL-STA-1048 cluster operated from March to September 2025, using multiple espionage tools including EggStremeFuel, MASOL RAT, and TrackBak Stealer. CL-STA-1049 cluster active in April and August 2025 used th
Mar 30 · 3 min read
Russian Hackers Targeting Signal, WhatsApp in Attacks, Dutch Intel Warns
Key Findings: Dutch intelligence agencies AIVD and MIVD warn of a large-scale global cyber campaign by Russia-linked threat actors targeting Signal and WhatsApp accounts of government officials, military personnel, and journalists. The attackers are using social engineering tactics rather than exploiting app vulnerabilities - they impersonate Signal support bots and abuse legitimate features like "linked devices" to hijack accounts. Once they gain access, the hackers can read
Mar 9 · 2 min read
Experts Detect Pakistan-Linked Cyber Campaigns Targeting Indian Government
Background: Indian government entities have been targeted in two campaigns undertaken by a threat actor that operates in Pakistan using previously undocumented tradecraft. The campaigns have been codenamed Gopher Strike and Sheet Attack by Zscaler ThreatLabz, which identified them in September 2025. Key Findings: The activity is assessed to potentially originate from a new subgroup or another Pakistan-linked group operating in parallel with the known APT36 group. The Gopher Str
Jan 27 · 2 min read
Exposed: Amazon's Years-Long Cyber Campaign against GRU Targeting Energy and Cloud Infrastructure
Key Findings: Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025. The activity has been attributed with high confidence to Russia's Main Intelligence Directorate (GRU), citing infrastructure overlaps with APT44, also known as FROZENBARENTS, Sandworm, Seashell Blizzard, and Voodoo Bear. The campaign targeted energy sector organizations across Western natio
Dec 17, 2025 · 2 min read
