ShadowPad is a malware family tracked across 20 threat clusters and 33 intelligence report mentions on ThreatCluster. First observed November 18, 2025; most recent activity July 2, 2026.
A sophisticated threat actor known as UAT-7290, tracked by Cisco Talos, has expanded its operations to target telecommunications providers in Southeastern Europe. This group, which has been active since at least 2022,…
A new threat actor, UAT-7290, has been identified conducting cyberattacks on telecommunications infrastructure in South Asia. This operation is linked to a China-Nexus state-sponsored advanced persistent threat (APT)…
Telecommunications providers in South Asia and Southeastern Europe have been targeted by the China-linked threat operation UAT-7290 in a series of cyberespionage attacks. The intrusions involved extensive reconnaissance…
UAT-7290, a China-linked advanced persistent threat group, has been active since at least 2022, focusing on espionage against telecommunications providers in South Asia. The group employs a range of Linux and Windows…
The China-aligned threat group SHADOW-EARTH-053 has been exploiting unpatched Microsoft Exchange and IIS server vulnerabilities, specifically the ProxyLogon vulnerability chain, to conduct cyberespionage. This group has…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
In early 2026, a series of targeted attacks named Operation TrueChaos exploited a zero-day vulnerability in TrueConf software, tracked as CVE-2026-3502, which allows attackers to execute arbitrary files on connected…
FamousSparrow, a China-aligned APT group, launched a multi-wave cyberespionage campaign against an Azerbaijani oil and gas company from late December 2025 to February 2026. The attackers employed an evolved DLL…
A new Linux malware family named Showboat has been discovered, targeting telecommunications firms primarily in the Middle East and Central Asia since mid-2022. Researchers from Lumen's Black Lotus Labs and PwC…
In 2024, ESET identified a new China-aligned APT group named LongNosedGoblin, which targets governmental entities in Southeast Asia and Japan. The group employs a custom toolset, primarily using C#/.NET applications, to…