PassiveNeuron: a sophisticated campaign targeting servers of high-profile organizations

Introduction Back in 2024, we gave a brief description of a complex cyberespionage campaign that we dubbed "PassiveNeuron". This campaign involved compromising the servers of government organizations with previously unknown APT implants, named "Neursite" and "NeuralExecutor". However, since its...

The Attribution Story of WhisperGate: An Academic Perspective

This paper explores the challenges of cyberattack attribution, specifically APTs, applying the case study approach for the WhisperGate cyber operation of January 2022 executed by the Russian military intelligence service GRU and targeting Ukrainian government entities. The study provides a detail...

Chinese gangs made over $1 billion targeting Americans with scam texts

We regularly warn our readers about new scams and phishing texts. Almost everyone gets pestered with these messages. But where are all these scam texts coming from? According to an article in The Wall Street Journal: “It has become a billion-dollar, highly sophisticated business benefiting...

Anthropic Has a Plan to Keep Its AI From Building a Nuclear Weapon. Will It Work?

Anthropic partnered with the US government to create a filter meant to block Claude from helping someone build a nuke. Experts are divided on whether its a necessary protection—or a protection at all...

A Surprising Amount of Satellite Traffic Is Unencrypted

Here's the summary: We pointed a commercial-off-the-shelf satellite dish at the sky and carried out the most comprehensive public study to date of geostationary satellite communication. A shockingly large amount of sensitive traffic is being broadcast unencrypted, including critical infrastructur...

CVE-2023-35002

creationtimestamp| type| source ---|---|--- 2025-10-16 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-289-06...

Mysterious Elephant: a growing threat

Introduction Mysterious Elephant is a highly active advanced persistent threat APT group that we at Kaspersky GReAT discovered in 2023. It has been consistently evolving and adapting its tactics, techniques, and procedures TTPs to stay under the radar. With a primary focus on targeting government...

CVE-2025-62362

gpp-burgerportaal is a Dutch government citizen portal application. In versions before 2.0.3, 3.0.2, and 4.0.1, the name and email address of employees who publish content are exposed in network responses and can be discovered by viewing the browser's developer tools network tab. This information...

Rewiring Democracy is Coming Soon

My latest book, Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship , will be published in just over a week. No reviews yet, but you can read chapters 12 and 34 of 43 chapters total. You can order the book pretty much everywhere, and a copy signed by me here. Pleas...

Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims

70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord's full response and critical security steps to protect your identity...

AI-Enabled Influence Operation Against Iran

Citizen Lab has uncovered a coordinated AI-enabled influence operation against the Iranian government, probably conducted by Israel. Key Findings A coordinated network of more than 50 inauthentic X profiles is conducting an AI-enabled influence operation. The network, which we refer to as...

Discord warns users after data stolen in third-party breach

Popular social platform Discord has suffered a data breach—though technically, it wasn’t Discord itself that was hacked. A third-party customer support provider was compromised, allowing attackers to access Discord’s user data. Either way, it’s Discord users who feel the impact. The breach, which...

EUVD-2020-13213

Malware in sbrugna...

EUVD-2014-5659

Malware in sbrugna...

EUVD-2006-5409

Malware in sbrugna...

EUVD-2020-13331

Malware in sbrugna...

EUVD-2019-6152

Malware in sbrugna...

EUVD-2014-5633

Malware in sbrugna...

EUVD-2020-13212

Malware in sbrugna...

Discord Data Breach: Hackers Access IDs, Billing Details and Support Chats

Discord confirms a data breach via a third-party vendor, exposing government-issued photo IDs, names, emails, and limited billing data of users who contacted customer support. Learn the full risk...