APT41 is a apt_group tracked across 26 threat clusters and 40 intelligence report mentions on ThreatCluster. First observed November 5, 2025; most recent activity July 7, 2026.
Cisco has addressed a maximum-severity vulnerability in AsyncOS, tracked as CVE-2025-20393, which has been actively exploited for at least a month. The flaw affects Secure Email Gateway (SEG) and Secure Email and Web…
A sophisticated backdoor malware named Firestarter has been discovered on Cisco Firepower devices, attributed to the state-sponsored threat actor UAT-4356. The malware exploits two vulnerabilities, CVE-2025-20333 and…
APT41, a China-backed threat group, has been identified using a new zero-detection ELF backdoor targeting Linux cloud workloads across major platforms including AWS, Google Cloud Platform, Microsoft Azure, and Alibaba…
FamousSparrow, a China-aligned APT group, launched a multi-wave cyberespionage campaign against an Azerbaijani oil and gas company from late December 2025 to February 2026. The attackers employed an evolved DLL…
Malaysia's cyber threat landscape is experiencing a structural shift due to rapid digital growth and geopolitical factors, making it a prime target for cyber attacks. A report from Cyfirma indicates that state-backed…
Adversaries are increasingly leveraging external remote services like VPNs and Citrix to gain unauthorized access to networks. These attacks often involve using valid accounts obtained through credential harvesting or…
Recent research from Darktrace reveals the evolution of Chinese-nexus cyber operations over the past two decades, highlighting a shift from high-volume attacks to more strategic, identity-centric intrusions. This change…
North Korea's cyber program has transitioned to a modular malware strategy, moving away from monolithic malware families to a more fragmented ecosystem. This change is a response to years of international sanctions, law…
Recent cybersecurity reports detail the exploitation of software vulnerabilities in client applications, particularly targeting web browsers and Microsoft Office. Adversaries utilize techniques such as Drive-by…
A critical vulnerability, CVE-2026-11405, has been discovered in multiple Tenda router firmware versions, allowing unauthenticated attackers to gain full administrative control via a hidden backdoor. This flaw exists in…