
Daily Cybersecurity Roundup, June 09, 2025

Cyberespionage remains a persistent threat as state-backed groups increasingly target critical sectors worldwide. Recently, North Korea-linked APT Kimsuky launched the AppleSeed campaign targeting defense, activists, and crypto exchanges, while China-affiliated clusters PurpleHaze and ShadowPad have hit over 70 global organizations. Meanwhile, a supply chain malware campaign compromised 16 GlueStack-related npm and PyPI packages to execute commands, capture screenshots, and steal data. Continue reading for the cybersecurity updates from the weekend.


01

Kimsuky, a North Korea-linked APT, launched AppleSeed—a sophisticated cyber-espionage campaign targeting defense, activists, and crypto exchanges via Facebook, email, and Telegram.

02

China-nexus threat clusters PurpleHaze and ShadowPad have been targeting over 70 global organizations in cyber-espionage campaigns, including a South Asian government entity, a European media organization, and SentinelOne.

03

Blitz malware has been targeting gamers by distributing backdoored cheat packages for the mobile game Standoff 2, compromising systems, stealing data, and mining cryptocurrency.

04

Researchers have discovered a new modular RAT named DuplexSpy RAT, written in C# and available on GitHub, which features a GUI, persistence, anti-analysis capabilities, and the ability to mimic legitimate processes to evade detection.

05

A supply chain malware campaign has compromised 16 npm and PyPI packages linked to GlueStack, enabling attackers to execute commands, capture screenshots, and steal data.

06

A new variant of the Mirai botnet is exploiting a command injection vulnerability (CVE-2024-3721) in TBK DVR-4104 and DVR-4216 devices to hijack them.

07

Multiple vulnerabilities in Qsync Central have been reported, including a format string vulnerability (CVE-2025-22482) and an SQL injection vulnerability (CVE-2025-29892). The vulnerabilities have been resolved in Qsync Central version 4.5.0.

08

A critical SOQL injection vulnerability was discovered in Salesforce's default Aura controller, potentially exposing millions of user records across thousands of deployments.

09

Guardz, a cybersecurity company, raised $56 million in a Series B funding round led by ClearSky, with participation from Phoenix Financial and existing investors.

10

NETGEAR, an intelligent networking solutions provider, has announced the acquisition of cybersecurity company Exium to enhance its enterprise networking solutions for SMEs.
