Apt36 is a apt_group tracked across 18 threat clusters and 32 intelligence report mentions on ThreatCluster. First observed December 1, 2025; most recent activity July 16, 2026.
ESET's latest APT Activity Report reveals that from October 2025 to March 2026, China-aligned threat actors engaged in extensive espionage campaigns, particularly in Venezuela and the Gulf region. Following U.S.…
Recent reports indicate that state-linked hackers are leveraging artificial intelligence to enhance their cyber capabilities, posing significant risks to national utilities and intellectual property. Additionally, a US…
A Pakistan-linked threat actor, SideCopy, has initiated a spear-phishing campaign against Afghanistan's Ministry of Finance, targeting all 34 provincial revenue directorates. The campaign utilizes a ZIP archive…
Bitdefender has reported a new AI-driven attack model termed 'vibeware', which generates numerous disposable malware variants. This tactic is linked to APT36 (Transparent Tribe), a Pakistan-aligned threat actor that has…
In January 2026, the Chronus Group executed a significant data breach against the Mexican government, compromising 2.3 terabytes of sensitive data from at least 25 agencies. The breach exposed personal information of up…
Cyble Research and Intelligence Labs (CRIL) has identified Operation TrustTrap, a significant domain spoofing campaign involving over 16,800 fraudulent domains that mimic legitimate U.S. government portals, particularly…
APT36, also known as Transparent Tribe, conducted a spear-phishing campaign targeting Indian government, strategic, and academic organizations. The campaign involved delivering malicious LNK files disguised as PDFs,…
APT36, also known as Transparent Tribe, has initiated a malware campaign targeting Indian government entities by exploiting Windows LNK shortcut files. The campaign begins with spear-phishing emails containing a ZIP…
In February 2026, various cybersecurity incidents were reported, including the exploitation of Ivanti EPMM vulnerabilities linked to a single IP address and the discovery of malicious packages by the Lazarus group in…
Indian government entities were targeted in two cyber campaigns, Gopher Strike and Sheet Attack, linked to a threat actor in Pakistan. These campaigns utilized previously undocumented tradecraft and were identified by…