September 11, 2025

Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware

A China-based advanced persistent threat (APT) group is actively targeting military organizations in the Asia-Pacific region, particularly the Philippines, using a newly discovered fileless malware framework named EggStreme.

45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage

A set of 45 previously unreported domains linked to the China-affiliated threat actors Salt Typhoon and UNC4841 has been uncovered, revealing a longstanding cyber espionage campaign dating back to May 2020.
September 2, 2025

Lazarus Hackers Exploit 0-Day to Deploy Three Remote Access Trojans

Lazarus hackers exploited a zero-day vulnerability to deploy three custom RATs targeting financial and cryptocurrency firms. The attack chain included social engineering, exploitation, discovery, and next-stage deployment.

ShadowSilk Campaign Targets Central Asian Governments

A series of cyberattacks against government organizations in Central Asia and the Asia-Pacific has been linked to a threat cluster known as ShadowSilk, according to new research by Group-IB.

Data Is the New Diamond: Heists in the Digital Age

A financially motivated data extortion campaign, active since at least December 2024, is targeting high-end retailers and luxury commerce sectors. The campaign involves threat actors compromising Salesforce environments using social engineering.

Murky Panda hackers exploit cloud trust to hack downstream customers

Murky Panda has recently compromised cloud service providers to abuse their trusted access to customer environments. In one case, they exploited zero-day vulnerabilities to access a SaaS provider’s cloud infrastructure.

CrowdStrike warns of uptick in Silk Typhoon attacks this summer

A surge in cyberespionage activity has been observed from the Chinese state-sponsored Silk Typhoon, also known as Murky Panda. The group has intensified its targeting of government, technology, and legal sectors in North America.
August 19, 2025

Cryptomining group Kinsing expands operations to Russia, researchers warn

The Kinsing cryptomining group, also known as H2Miner and Resourceful Wolf, has expanded its operations into Russia, marking a significant shift in its targeting strategy. The campaign began in April and exploits outdated software vulnerabilities.
August 18, 2025

Threat Actor Claims to Sell 15.8 Million Plain-Text PayPal Credentials

A threat actor using the name Chucky_BF on a cybercrime and hacker forum is advertising what they claim to be a massive PayPal data dump. The post describes a trove allegedly containing more than 15.8 million records of email and plaintext passwords.

'Blue Locker' Ransomware Targeting Oil & Gas Sector in Pakistan

Blue Locker ransomware hits Pakistan’s oil & gas sector. NCERT-Pakistan has warned ministries of severe ongoing risk. Notably, the malicious cyber activity took place in close proximity to the celebration of Pakistan’s Independence Day.
