Confucius Hacker Group Weaponizes Documents to Infect Windows Systems with AnonDoor Malware

The Confucius hacking group has significantly evolved its attack methodologies over the past year, transitioning from document stealers like WooperStealer to sophisticated Python-based backdoors including AnonDoor malware.

Oracle customers being bombarded with emails claiming widespread data theft

A widespread extortion campaign is targeting Oracle customers with emails claiming data theft from Oracle’s E-Business Suite. The emails are allegedly linked to the Clop ransomware group.
September 23, 2025

Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques

Threat actors are increasingly adopting stealthy and unconventional techniques inspired by the Chinese APT group Salt Typhoon, which previously infiltrated major telecommunications providers.
September 22, 2025

Two of the Kremlin’s most active hack groups are collaborating, ESET says

Turla has been known for deploying stealthy Linux malware and using satellite-based Internet links to maintain the stealth of its operations. These activities suggest a strategic alignment between the two groups to enhance operational effectiveness.

APT28’s Recent Campaign Combined Steganography, Cloud C2 into a Modular Infection Chain

APT28 (aka Fancy Bear, Sofacy, Sednit) has launched a sophisticated cyber-espionage campaign dubbed "Phantom Net Voxel," combining steganography, cloud-based command-and-control (C2), and modular implants.

CopyCop Deepens Its Playbook with New Websites and Targets

A Russian influence operation known as CopyCop has expanded its disinformation infrastructure in 2025, deploying over 300 websites to target democratic institutions and public opinion across the US, France, Canada, Germany, Armenia, and Moldova.
September 18, 2025

GOLD SALEM’s Warlock operation joins busy ransomware landscape

GOLD SALEM, also known as the Warlock Group, is an emerging ransomware threat actor active since March. The group has targeted a wide range of organizations across North America, Europe, and South America, deploying its Warlock ransomware.
September 11, 2025

Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware

A China-based advanced persistent threat (APT) group is actively targeting military organizations in the Asia-Pacific region, particularly the Philippines, using a newly discovered fileless malware framework named EggStreme.

45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage

A set of 45 previously unreported domains linked to the China-affiliated threat actors Salt Typhoon and UNC4841 has been uncovered, revealing a longstanding cyber espionage campaign dating back to May 2020.
September 2, 2025

Lazarus Hackers Exploit 0-Day to Deploy Three Remote Access Trojans

Lazarus hackers exploited a zero-day vulnerability to deploy three custom RATs targeting financial and cryptocurrency firms. The attack chain included social engineering, exploitation, discovery, and next-stage deployment.
