Scattered Spider is a apt_group tracked across 50 threat clusters and 83 intelligence report mentions on ThreatCluster. First observed October 27, 2025; most recent activity July 16, 2026.
Adversaries are increasingly leveraging external remote services like VPNs and Citrix to gain unauthorized access to networks. These attacks often involve using valid accounts obtained through credential harvesting or…
In August 2025, a ransomware attack attributed to Russian hackers severely disrupted Jaguar Land Rover's operations, forcing a five-week production halt and costing the UK economy approximately $2.5 billion. The attack…
Zoom has patched a critical vulnerability (CVE-2026-53412) in its Windows desktop client and VDI software that could allow unauthenticated attackers to take over user accounts via network access. The flaw, rated 9.8 out…
The Google Threat Intelligence Group (GTIG) reported that a financially motivated cybercriminal group, UNC6783, is targeting business process outsourcing (BPO) companies to infiltrate high-value organizations across…
Two threat groups, Cordial Spider and Snarky Spider, affiliated with The Com, are targeting U.S. organizations across various critical infrastructure sectors for rapid data theft and extortion. Their operations,…
Peter Stokes, a 19-year-old dual citizen of the U.S. and Estonia, was extradited from Finland to the U.S. to face charges related to his involvement in the Scattered Spider hacking group. The group has been linked to…
Instructure, the company behind the Canvas learning management system, confirmed a significant data breach involving the ShinyHunters hacking group. The attackers claim to have stolen over 3.65TB of data, potentially…
Recent cybersecurity reports detail the exploitation of software vulnerabilities in client applications, particularly targeting web browsers and Microsoft Office. Adversaries utilize techniques such as Drive-by…
The DragonForce ransomware group has been observed using a custom malware, Backdoor.Turn, to conceal command-and-control (C&C) traffic within Microsoft Teams' relay infrastructure. This sophisticated technique allows…
Zimperium's zLabs has reported a significant increase in Android Banking Trojan activity, identifying four distinct campaigns: RecruitRat, SaferRat, Astrinox, and Massiv. These campaigns utilize advanced…