T1070.001 - Clear Windows Event Logs is a mitre_attack tracked across 15 threat clusters and 16 intelligence report mentions on ThreatCluster. First observed November 20, 2025; most recent activity July 6, 2026.
From mid-2024 to early 2026, the Vietnam-aligned APT group OceanLotus has intensified its focus on domestic espionage, utilizing the SPECTRALVIPER backdoor in two major campaigns. The first campaign targeted a…
In 2024, ESET identified a new China-aligned APT group named LongNosedGoblin, which targets governmental entities in Southeast Asia and Japan. The group employs a custom toolset, primarily using C#/.NET applications, to…
Xu Zewei, a 33-year-old Chinese national, was extradited from Italy to the United States on April 27, 2026, following his arrest in Milan on July 3, 2025. He is accused of participating in cyberattacks directed by the…
In June 2026, a surge in attacks targeting SonicWall Gen 7 firewalls has been reported, exploiting CVE-2024-40766, an improper access control flaw. This vulnerability allows threat actors to gain unauthorized access,…
Payload ransomware, first identified in February 2026, has rapidly expanded its operations, targeting logistics, real estate, and manufacturing sectors worldwide. The malware employs ChaCha20 encryption and Curve25519…
Torg Grabber, a new infostealer malware, is actively targeting 728 cryptocurrency wallet extensions and other applications, including password managers and communication tools. The malware employs the ClickFix technique…
The Gentlemen ransomware, a Go-based RaaS, has been active since mid-2025 and employs aggressive propagation methods. It utilizes 21 remote execution techniques, including PsExec, WMIC, and PowerShell Remoting, to…
A recent Akira ransomware attack targeted a mid-sized organization by exploiting a disabled local SSL VPN account through brute-force methods. The attackers gained initial access, performed credential discovery, and…
The Vect 2.0 ransomware, emerging from a partnership with the TeamPCP group, has been found to irreversibly destroy files larger than 128 KB instead of encrypting them for ransom. This critical flaw, identified by Check…
Sohaib Akhter, 34, was convicted of conspiracy to commit computer fraud and database destruction after he and his twin brother, Muneeb, deleted approximately 96 databases containing sensitive U.S. government…