T1574 - Hijack Execution Flow is a mitre_attack tracked across 50 threat clusters and 180 intelligence report mentions on ThreatCluster. First observed January 27, 2026; most recent activity July 17, 2026.
Two Russia-aligned cyber campaigns are exploiting the WinRAR vulnerability CVE-2025-8088 against Ukrainian targets nearly a year after it was patched. The flaw, a path traversal vulnerability, allows attackers to write…
The European Union has condemned and sanctioned Russia for a prolonged cyber espionage campaign targeting its member states. The campaign, orchestrated by the 16th Centre of the FSB, has involved infiltrating government…
Iranian state-aligned hackers, known as Nimbus Manticore (UNC1549), have intensified cyberattacks against the US aviation sector amid the ongoing US-Iran military conflict. Utilizing career-themed phishing and a novel…
The Chinese-speaking threat group CL-STA-1062 has been actively deploying a new .NET backdoor named TinyRCT against government and critical energy infrastructure in Southeast Asia throughout 2025. This campaign utilizes…
In early 2026, a series of targeted attacks named Operation TrueChaos exploited a zero-day vulnerability in TrueConf software, tracked as CVE-2026-3502, which allows attackers to execute arbitrary files on connected…
FamousSparrow, a China-aligned APT group, launched a multi-wave cyberespionage campaign against an Azerbaijani oil and gas company from late December 2025 to February 2026. The attackers employed an evolved DLL…
From mid-2024 to early 2026, the Vietnam-aligned APT group OceanLotus has intensified its focus on domestic espionage, utilizing the SPECTRALVIPER backdoor in two major campaigns. The first campaign targeted a…
ESET researchers reported a supply-chain attack by the North Korean APT group ScarCruft, targeting a gaming platform in the Yanbian region of China. The attack, ongoing since late 2024, involved trojanizing both Windows…
On March 1, 2026, a China-nexus threat actor launched a cyber campaign targeting countries in the Persian Gulf region, coinciding with renewed conflict in the Middle East. The attack utilized social engineering tactics,…
On March 12, 2026, Zscaler ThreatLabz reported a campaign by the Tropic Trooper APT targeting Chinese-speaking individuals in Taiwan, Japan, and South Korea. The attack involved a malicious ZIP archive containing…