T1059.003 - Windows Command Shell is a mitre_attack tracked across 50 threat clusters and 102 intelligence report mentions on ThreatCluster. First observed October 24, 2025; most recent activity July 17, 2026.
Two Russia-aligned cyber campaigns are exploiting the WinRAR vulnerability CVE-2025-8088 against Ukrainian targets nearly a year after it was patched. The flaw, a path traversal vulnerability, allows attackers to write…
A critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS is being actively exploited in a large-scale cyberattack affecting over 700 websites, including those of Harvard University, Oxford University, Auburn…
In late 2025 and early 2026, a new data-wiping malware known as Lotus Wiper was identified targeting the energy and utilities sector in Venezuela. The malware was uploaded to a public platform in mid-December 2025 and…
FamousSparrow, a China-aligned APT group, launched a multi-wave cyberespionage campaign against an Azerbaijani oil and gas company from late December 2025 to February 2026. The attackers employed an evolved DLL…
In early 2026, the Iranian APT group MuddyWater, affiliated with the Ministry of Intelligence and Security, executed a sophisticated cyber operation disguised as a Chaos ransomware attack. Utilizing social engineering…
On March 12, 2026, Zscaler ThreatLabz reported a campaign by the Tropic Trooper APT targeting Chinese-speaking individuals in Taiwan, Japan, and South Korea. The attack involved a malicious ZIP archive containing…
Void Dokkaebi, a North Korean threat actor, has escalated its malware distribution tactics by using fake job interviews to compromise software developers. This campaign, known as the 'Contagious Interview,' targets…
The China-aligned APT group Webworm has shifted its focus from Asia to Europe, targeting government organizations in Belgium, Italy, Poland, Serbia, and Spain during 2025. ESET researchers identified new backdoors,…
Daxin, a sophisticated backdoor linked to China, has reappeared in Taiwan, targeting a multinational high-tech manufacturer. Discovered in May 2026, it operates stealthily by hijacking legitimate TCP connections for…
A new malware named NarwhalRAT has been discovered targeting Korean users through phishing emails impersonating the Microsoft security team. The malware, linked to the North Korean hacking group APT37, can perform over…