Amazon S3 is a technology platform tracked across 30 threat clusters and 36 intelligence report mentions on ThreatCluster. First observed October 30, 2025; most recent activity July 15, 2026.
The Gamaredon group, a Russian-aligned APT, has significantly upgraded its cyber capabilities in 2025, focusing on spear-phishing campaigns against Ukrainian targets. ESET Research reports that Gamaredon conducted 35…
From mid-2024 to early 2026, the Vietnam-aligned APT group OceanLotus has intensified its focus on domestic espionage, utilizing the SPECTRALVIPER backdoor in two major campaigns. The first campaign targeted a…
On March 12, 2026, Zscaler ThreatLabz reported a campaign by the Tropic Trooper APT targeting Chinese-speaking individuals in Taiwan, Japan, and South Korea. The attack involved a malicious ZIP archive containing…
The China-aligned APT group Webworm has shifted its focus from Asia to Europe, targeting government organizations in Belgium, Italy, Poland, Serbia, and Spain during 2025. ESET researchers identified new backdoors,…
The ModHeader browser extension, used by approximately 1.6 million users across Chrome and Edge, was removed after researchers discovered a dormant data-collection capability embedded in its signed release. The…
LeakNet, a ransomware group, has adopted new tactics involving ClickFix social engineering and a Deno-based fileless loader. This shift allows them to gain initial access through compromised websites, prompting users to…
Hackers are increasingly targeting newly disclosed vulnerabilities in third-party software to access cloud environments, with the time frame for such attacks decreasing significantly. Google reports a notable decline in…
In early 2026, a surge in phishing attacks utilizing Amazon Simple Email Service (SES) has been reported, exploiting exposed AWS Identity and Access Management (IAM) access keys. Attackers leverage this trusted email…
A security flaw in AWS Bedrock's AgentCore Code Interpreter allows attackers to bypass network isolation through DNS queries. Researchers from BeyondTrust demonstrated that the sandbox mode permits outbound DNS queries…
In June 2025, Columbia University suffered a significant data breach, initially misreported as a technical failure. The breach, attributed to a politically motivated hacktivist, resulted in the exfiltration of 460 GB of…