Google Drive is a tool tracked across 50 threat clusters and 76 intelligence report mentions on ThreatCluster. First observed October 23, 2025; most recent activity July 12, 2026.
On July 3, 2026, Google, in coordination with the FBI and other partners, disrupted the NetNut residential proxy network, also known as the Popa botnet. This operation targeted over 2 million compromised consumer…
From mid-2024 to early 2026, the Vietnam-aligned APT group OceanLotus has intensified its focus on domestic espionage, utilizing the SPECTRALVIPER backdoor in two major campaigns. The first campaign targeted a…
Chinese state-backed group TA416 has reemerged with intensified cyber espionage campaigns targeting European governments, following a quiet period since 2023. Proofpoint reported that the group's renewed activity began…
The GREYVIBE group, a previously unknown Russian hacking entity, has been actively targeting Ukrainian military, government, and civilian sectors since August 2025. Utilizing sophisticated AI tools like ChatGPT and…
In June 2026, Mustang Panda launched two espionage campaigns targeting India's hydropower sector and government entities. The attacks utilized lure documents related to cooperation agreements with Taiwan, delivering…
Google has filed a lawsuit against the 'Outsider Enterprise', a China-based cybercrime network, for allegedly using AI tools, including its Gemini platform, to conduct large-scale phishing operations. The operation has…
In June 2026, a significant security incident involving Klue, a market intelligence platform, allowed the Icarus threat actor group to exfiltrate Salesforce CRM data from multiple organizations, including Huntress. The…
Hackers are increasingly targeting newly disclosed vulnerabilities in third-party software to access cloud environments, with the time frame for such attacks decreasing significantly. Google reports a notable decline in…
The JanaWare ransomware campaign has emerged, targeting users in Turkey through a customized variant of the Adwind RAT. The malware is distributed via phishing emails containing malicious JAR files, which, when…
Recent investigations into AI browsers like Perplexity Comet and ChatGPT Atlas reveal significant security vulnerabilities, particularly prompt injection attacks. These attacks allow malicious actors to embed harmful…