Worm is a attack_type tracked across 50 threat clusters and 188 intelligence report mentions on ThreatCluster. First observed October 29, 2025; most recent activity July 16, 2026.
Gamaredon, a Russian state-backed APT group, is actively exploiting a WinRAR vulnerability (CVE-2025-8088) to deploy malware against Ukrainian government and military targets. The attack begins with a spearphishing…
From mid-2024 to early 2026, the Vietnam-aligned APT group OceanLotus has intensified its focus on domestic espionage, utilizing the SPECTRALVIPER backdoor in two major campaigns. The first campaign targeted a…
Bauman Moscow State Technical University is revealed to host a secret department training students for the GRU, Russia's military intelligence. Leaked documents show that over 2,000 students have been trained in…
Void Dokkaebi, a North Korean threat actor, has escalated its malware distribution tactics by using fake job interviews to compromise software developers. This campaign, known as the 'Contagious Interview,' targets…
The TeamPCP threat group has expanded its supply chain attack campaign, compromising the Microsoft DurableTask Python client with versions v1.4.1, v1.4.2, and v1.4.3 found to contain a credential-stealing worm. This…
The FBI has issued a warning regarding the Kali365 phishing kit, which is actively stealing Microsoft OAuth tokens and bypassing multi-factor authentication (MFA) protocols. First identified in April 2026, Kali365 is…
Researchers at SentinelOne have uncovered a malware framework named fast16, which dates back to 2005 and predates the infamous Stuxnet worm by five years. Fast16 is designed to subtly corrupt high-precision mathematical…
The Wikimedia Foundation faced a security incident on March 5, 2026, when a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis, including Wikipedia. The attack…
The Glassworm botnet, which has targeted software developers since early 2025, was taken down in a coordinated operation by CrowdStrike, Google, and the Shadowserver Foundation on May 26, 2026. This botnet utilized…
On June 9, 2026, Microsoft released its largest Patch Tuesday update, addressing 206 vulnerabilities, including three zero-day flaws. Among the critical vulnerabilities, 32 were rated as critical, with 28 classified as…