ShadowSilk Campaign Targets Central Asian Governments

A series of cyberattacks against government organizations in Central Asia and the Asia-Pacific has been linked to a threat cluster known as ShadowSilk, according to new research by Group-IB.

Data Is the New Diamond: Heists in the Digital Age

A financially motivated data extortion campaign, active since at least December 2024, is targeting high-end retailers and luxury commerce sectors. The campaign involves threat actors compromising Salesforce environments using social engineering.

Murky Panda hackers exploit cloud trust to hack downstream customers

Murky Panda has recently compromised cloud service providers to abuse their trusted access to customer environments. In one case, they exploited zero-day vulnerabilities to access a SaaS provider’s cloud infrastructure.

CrowdStrike warns of uptick in Silk Typhoon attacks this summer

A surge in cyberespionage activity has been observed from the Chinese state-sponsored Silk Typhoon, also known as Murky Panda. The group has intensified its targeting of government, technology, and legal sectors in North America.
August 19, 2025

Cryptomining group Kinsing expands operations to Russia, researchers warn

The Kinsing cryptomining group, also known as H2Miner and Resourceful Wolf, has expanded its operations into Russia, marking a significant shift in its targeting strategy. The campaign began in April and exploits outdated software vulnerabilities.
August 18, 2025

Threat Actor Claims to Sell 15.8 Million Plain-Text PayPal Credentials

A threat actor using the name Chucky_BF on a cybercrime and hacker forum is advertising what they claim to be a massive PayPal data dump. The post describes a trove allegedly containing more than 15.8 million records of email and plaintext passwords.

'Blue Locker' Ransomware Targeting Oil & Gas Sector in Pakistan

Blue Locker ransomware hits Pakistan’s oil & gas sector. NCERT-Pakistan has warned ministries of severe ongoing risk. Notably, the malicious cyber activity took place in close proximity to the celebration of Pakistan’s Independence Day.

UAT-7237 targets Taiwanese web hosting infrastructure

Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918. UAT-7237 aims to establish long-term persistence in high-value victim environments.

Embargo Ransomware nets $34.2M in crypto since April 2024

According to a new report, the Embargo ransomware group has amassed approximately $34.2 million in cryptocurrency since its emergence in April 2024. The group primarily targets the healthcare, business services, and manufacturing sectors.
August 5, 2025

Foreign adversaries are trying to weaponize open-source software, report finds

Nation-state actors from China and Russia are actively attempting to compromise open-source software ecosystems by embedding malicious code and backdoors through trusted contributor roles.
