T1567.002 - Exfiltration to Cloud Storage is a mitre_attack tracked across 50 threat clusters and 94 intelligence report mentions on ThreatCluster. First observed November 1, 2025; most recent activity July 16, 2026.
Gamaredon, a Russian state-backed APT group, is actively exploiting a WinRAR vulnerability (CVE-2025-8088) to deploy malware against Ukrainian government and military targets. The attack begins with a spearphishing…
The Gamaredon group, a Russian-aligned APT, has significantly upgraded its cyber capabilities in 2025, focusing on spear-phishing campaigns against Ukrainian targets. ESET Research reports that Gamaredon conducted 35…
In March 2026, a sophisticated ransomware attack impacted multiple critical infrastructure sectors across the United States, including energy and healthcare. The attack exploited vulnerabilities in outdated software…
ESET researchers reported a supply-chain attack by the North Korean APT group ScarCruft, targeting a gaming platform in the Yanbian region of China. The attack, ongoing since late 2024, involved trojanizing both Windows…
The China-aligned APT group Webworm has shifted its focus from Asia to Europe, targeting government organizations in Belgium, Italy, Poland, Serbia, and Spain during 2025. ESET researchers identified new backdoors,…
A critical vulnerability (CVSS 9.7) in the Cline Kanban server allows any website a developer visits to silently exfiltrate workspace data and inject commands into the AI agent's terminal. This flaw affects version…
The BLUERABBIT backdoor, a Golang-based malware, has been identified targeting Windows systems since March 2026. It combines data theft, file encryption, and destructive disk wiping, primarily affecting Israeli…
The Iran-aligned hacking group Handala has claimed responsibility for breaching California water utility systems, framing the operation as retaliation for recent US airstrikes that damaged water infrastructure in Iran.…
A hacker, identified as FlamingChina, has allegedly breached the National Supercomputing Center (NSCC) in Tianjin, China, extracting over 10 petabytes of sensitive data, including classified military documents and…
Xu Zewei, a 33-year-old Chinese national, was extradited from Italy to the United States on April 27, 2026, following his arrest in Milan on July 3, 2025. He is accused of participating in cyberattacks directed by the…