T1543.003 - Windows Service is a mitre_attack tracked across 50 threat clusters and 91 intelligence report mentions on ThreatCluster. First observed February 4, 2026; most recent activity July 17, 2026.
TeamPCP has launched a new cyber campaign deploying a destructive payload that targets Kubernetes clusters configured for Iran. This wiper malware, part of the ongoing CanisterWorm campaign, uses the same…
AHA! disclosed three critical vulnerabilities in Yarbo robot firmware v2.3.9, identified as CVE-2026-7413, CVE-2026-7414, and CVE-2026-7415. The vulnerabilities include a hidden backdoor, hardcoded credentials, and an…
The Lazarus Group, a North Korea-linked cybercrime organization, has intensified its operations against financial and cryptocurrency sectors using a sophisticated fileless Remote Access Trojan (RAT) called RemotePE.…
In late 2025 and early 2026, a new data-wiping malware known as Lotus Wiper was identified targeting the energy and utilities sector in Venezuela. The malware was uploaded to a public platform in mid-December 2025 and…
FamousSparrow, a China-aligned APT group, launched a multi-wave cyberespionage campaign against an Azerbaijani oil and gas company from late December 2025 to February 2026. The attackers employed an evolved DLL…
From mid-2024 to early 2026, the Vietnam-aligned APT group OceanLotus has intensified its focus on domestic espionage, utilizing the SPECTRALVIPER backdoor in two major campaigns. The first campaign targeted a…
In early 2026, the Iranian APT group MuddyWater, affiliated with the Ministry of Intelligence and Security, executed a sophisticated cyber operation disguised as a Chaos ransomware attack. Utilizing social engineering…
The SUNBURST backdoor, discovered by FireEye, exploits trojanized updates to SolarWinds Orion software, affecting numerous public and private organizations globally. The attack vector involves a malicious DLL,…
The North Korean hacking group Kimsuky is utilizing generative AI to create malware aimed at South Korean government systems, as reported by Kaspersky on May 14, 2026. The malware, named HelloDoor, is a Rust-based…
A months-long espionage campaign linked to the Chinese group Mustang Panda has been identified, utilizing an updated variant of the FDMTP backdoor. This campaign, tracked by Darktrace, began in late September 2025 and…