Indicators added for: XWorm (+1), PoshC2 (+1), PureRAT (+1), Remus (+2), Hajime (+1), Havoc (+1) and RedTail (+1). https://vuldb.com/actor #apt #cti #ioc
Actors

Predictive activity analysis of APT actors in social media, private forums, chat rooms, and darknet markets.

Vulnerability Database

🇷🇸Ground Station: Nis, Serbia METEOR-M2 4 19-05-2026 15:22 CEST Max Elev: 38° W Sun Elevation: 46° Gain: 15 | Northbound

#NOAA #NOAA15 #NOAA18 #NOAA19 #MeteorM2_3 #MeteorM2_4 #weather #weathersats #APT #LRPT #wxtoimg #MeteorDemod #rtlsdr #gpredict #raspberrypi #RN2 #ISS

Malaysian government-linked campaign used hidden infrastructure for years

The operation, believed to be a long-term espionage effort, has maintained its command and control infrastructure for several years by employing sophisticated techniques to avoid detection.

SC Media

🔵 THREAT INTELLIGENCE

Weekly Threat Roundup: 2026-05-11 to 2026-05-17

Roundup | CRITICAL
CVEs: CVE-2026-20182, CVE-2026-42897, CVE-2026-42945

Cybersecurity roundup for 2026-05-11 to 2026-05-17. 3 CVE advisories, 3 breach reports, 1 threat news story.

Full analysis:
https://www.yazoul.net/news/article/2026-w20-weekly-threat-roundup

#CyberSecurity #APT #CyberNews

Weekly Threat Roundup: Cisco SD-WAN Zero-Day Under Attack (May 11-17)

Cybersecurity roundup for 2026-05-11 to 2026-05-17. 3 CVE advisories, 3 breach reports, 1 threat news story.

Yazoul Security

Added some more indicators for: ValleyRAT (+2), Velvet Chollima (+2), Qilin (+1), INC (+1), Cl0p (+1), Akira (+1) and Gremlin Stealer (+1). https://vuldb.com/actor #apt #cti #ioc
Actors

Predictive activity analysis of APT actors in social media, private forums, chat rooms, and darknet markets.

Vulnerability Database

UAT-8616: the elite group exploits the sixth Cisco SD-WAN zero-day and targets European and Asian governments

A highly sophisticated threat actor, UAT-8616, is exploiting CVE-2026-20182, a critical CVSS 10.0 vulnerability in Cisco Catalyst SD-WAN, to compromise government, diplomatic and defence organisations in Europe and Central Asia. It is the sixth zero-day on the SD-WAN platform in 2026. CISA added the CVE to the KEV catalog on 15 May.

https://insicurezzadigitale.com/uat-8616-il-gruppo-delite-sfrutta-il-sesto-zero-day-cisco-sd-wan-e-prende-di-mira-governi-europei-e-asiatici/

📰 Russian APT Turla Evolves Kazuar Backdoor into Stealthy P2P Botnet

🇷🇺 Russian APT Turla has upgraded its Kazuar backdoor into a modular P2P botnet. The new architecture enhances stealth and resilience, making it harder to detect and disrupt. The focus remains on long-term espionage. #Turla #APT #Kazuar #CyberSecur...

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/russian-apt-turla-upgrades-kazuar-backdoor-into-p2p-botnet/?utm_source=mastodon&utm_…

📰 State-Sponsored Ransomware Blurs Lines, Increasingly Deployed as Proxy Weapon Against Critical Infrastructure

Nation-states are now using ransomware as a proxy weapon! ⚔️ Iran-aligned groups are targeting critical OT infrastructure to cause disruption while maintaining plausible deniability. #Ransomware #ThreatIntel #APT #OTsecurity

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/state-backed-ransomware-targets-critical-infrastructure-ot-systems/?ut…

Kazuar evolves: Secret Blizzard (Turla) turns its long-standing backdoor into a stealthy modular P2P botnet

The Russian group Secret Blizzard (Turla/FSB) has transformed the Kazuar malware into a peer-to-peer botnet with three distinct modules (Kernel, Bridge, Worker) and 150 configuration parameters. The new architecture uses a leader-election system to minimise traffic to the C2 servers, making detection extremely difficult. Targets: governments, embassies and the defence sector in Europe and Ukraine.

https://insicurezzadigitale.com/kazuar-si-evolve-secret-blizzard-turla-trasforma-il-suo-backdoor-storico-in-una-botnet-p2p-modulare-invisibile/