ALL POSTS

Key Findings North Korea-linked threat actor UNC2970 used Google's Gemini AI model to conduct reconnaissance on its targets, including searching for information on major cybersecurity and defense companies and mapping specific technical job roles and salary information. Other state-backed hacking groups, including UNC6418 (unattributed), Temp.HEX or Mustang Panda (China), APT31 or Judgement Panda (China), APT41 (China), UNC795 (China), and APT42 (Iran), have also integrated G

Key Findings China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe UAT-7290 primarily targets telecom providers, conducting espionage by deeply embedding in victim networks and operating Operational Relay Box (ORB) infrastructure The threat actor uses a broad toolset, including open-source tools, custom malware, and one-day exploits against edge networking devices Attacks are preceded by extensive