ShinyHunters Hackers Threaten 400 Firms Over Stolen Salesforce Data

ShinyHunters, a notorious hacking group, has issued a final warning to approximately 400 organizations, threatening to leak sensitive data unless their extortion demands are met.

Pakistan-Linked APT36 Floods Indian Govt Networks With AI-Made ‘Vibeware’

APT36, a Pakistan-linked hacking group, is targeting Indian government networks with AI-generated malware known as "Vibeware." This strategy involves overwhelming security systems with numerous low-quality malware samples.

North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks

APT37, a North Korean cyber espionage group, has launched a new campaign named "Ruby Jumper" targeting air-gapped networks. The campaign introduces five new tools: Restleaf, SnakeDropper, ThumbSBD, VirusTask, and FootWine.
February 26, 2026

APT37 Adds New Tools For Air-Gapped Networks

ThreatLabz details the Ruby Jumper campaign in the following sections, focusing on the specific malware employed, the deployment methods, and how the final payload is delivered to achieve the ultimate objective.

APT28 Targeted European Entities Using Webhook-Based Macro Malware

APT28, a Russia-linked state-sponsored threat actor, has been attributed to a campaign targeting selected entities across Western and Central Europe, active from September 2025 through January 2026, according to S2 Grupo’s LAB52 team.

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

The Iranian hacking group known as MuddyWater has targeted several organizations and individuals mainly located across the Middle East and North Africa (MENA) region as part of a new campaign codenamed Operation Olalampo.
February 20, 2026

Researchers warn Volt Typhoon still embedded in US utilities and some breaches may never be found

Volt Typhoon continues to target strategically important sites, maintaining long-term access to operational technology networks. This access could enable destructive cyberattacks aimed at slowing U.S. military mobilization.

SMS and OTP Bombing Campaigns Found Abusing API, SSL and Cross-Platform Automation

The Muddled Libra group, also known as Scattered Spider, executed a sophisticated attack using a rogue virtual machine within a VMware vSphere environment. This attack exposed critical tactics, techniques, and procedures (TTPs) used by the group.

Crazy ransomware gang abuses employee monitoring tool in attacks

The Crazy ransomware gang is exploiting legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prepare for ransomware deployment.

Notepad++ hijacking linked to Chinese Lotus Blossom crew

A sophisticated malware campaign leveraging Pulsar RAT has been identified, targeting Windows systems. This campaign employs advanced techniques to evade detection and maintain persistent access, posing a significant threat to affected systems.
