238 matches found
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source remote access trojan called Xeno RAT. "The campaign opens with a spear phishing delivery - a ZIP...
MAL-2026-4666 Malicious code in seedcode-facturacion-electronica (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 366dad27b664f3be411dc07609ee2f6f6b73a3cbc179d7c0105f20ce8bc77d3e The package advertises itself as a client for submitting El Salvador electronic invoices DTEs directly to the Ministerio de Hacienda. In practice, th...
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam centers used for cryptocurrency investment fraud schemes targeting Americans, resulting in millions of dollars in losses. The crackdown was led by the Dubai...
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation FBI, and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website th...
HackerOne, Mazda, Infinite Campus and Dutch Ministry Hit by Data Breaches
HackerOne, Mazda, Infinite Campus and the Dutch Ministry report data breaches, exposing employee and partner data across multiple sectors worldwide...
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country's Ministry of Foreign Affairs to deliver a set of never-before-seen malware. Zscaler ThreatLabz, which observed the activity in January 2026, is tracking the...
France Arrests 22 Year Old After Hack of Interior Ministry Systems
France confirms a cyberattack on its Interior Ministry as a 22-year-old is arrested. Hacker claims access to police, tax, and criminal record systems...
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
The threat actors behind a malware family known as Winos 4.0 aka ValleyRAT have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan RAT tracked as HoldingHands RAT aka Gh0stBins. "The campaign relied on phishing emails with PDFs...
Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike
A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, which was tracking...
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security MOIS and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX...
DoNot APT Hits European Ministry with New LoptikMod Malware
Trellix reveals how the India-linked DoNot APT group launched a sophisticated spear-phishing attack on a European foreign affairs…...
From Click to Compromise: Unveiling the Sophisticated Attack of DoNot APT Group on Southern European Government Entities
From Click to Compromise: Unveiling the Sophisticated Attack of DoNot APT Group on Southern European Government Entities By Aniket Choukde, Aparna Aripirala, Alisha Kadam, Akhil Reddy, Pham Duy Phuc and Alex Lanstein · July 8, 2025 Introduction The DoNot APT group, also identified by various...
Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack
The Czech Republic on Wednesday formally accused a threat actor associated with the People's Republic of China PRC of targeting its Ministry of Foreign Affairs. In a public statement, the government said it identified China as the culprit behind a malicious campaign targeting one of the...
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. "Targets included a government ministry, an air traffic control organization, a...
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations
The U.S. Department of Justice DoJ has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include two officers of the People's Republic of China's PRC Ministr...
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux
Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster i...
U.S. Citizen Sentenced for Spying on Behalf of China's Intelligence Agency
A 59-year-old U.S. citizen who immigrated from the People's Republic of China PRC has been sentenced to four years in prison for conspiring to act as a spy for the country and sharing sensitive information about his employer with China's principal civilian intelligence agency. Ping Li, 59, of...
Why Italy Sells So Much Spyware
Interesting analysis: Although much attention is given to sophisticated, zero-click spyware developed by companies like Israel’s NSO Group, the Italian spyware marketplace has been able to operate relatively under the radar by specializing in cheaper tools. According to an Italian Ministry of...
French Authorities Launch Operation to Remove PlugX Malware from Infected Systems
French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue...
Attackers Impersonating Israeli Ministry with Blended Tools
...