News
Custom Attack Tooling Including Undisclosed C2 Infrastructure Targeting Malaysian Organizations
3+ day, 3+ hour ago (708+ words) By Threat Intelligence Unit. The operation demonstrates a high degree of operational planning, with the attacker developing purpose-built Python tooling for each target, covering internal network enumeration, database access, and external data exfiltration. Key characteristics of this campaign include: The…...
Ghostwriter attacks Ukraine with phishing and geolocated Cobalt Strike
2+ day, 3+ hour ago (234+ words) Foro3 D The Ghostwriter group has struck again against the Ukrainian government, using a geolocated phishing campaign. Attackers send PDF files that, when opened, deploy the Cobalt Strike malware. This geofencing tactic activates the attack only if the victim is in…...
Digital Security Precautions for High-Profile US Delegations in China
2+ day, 9+ hour ago (226+ words) Amid heightened concerns about cyber surveillance, members of the US delegation to China, including President Donald Trump, major corporate leaders, and their aides, are eschewing personal electronic devices. This precaution is largely motivated by fears of extensive digital monitoring by…...
Twill Typhoon used legitimate Windows tools, DLL sideloading, FDMTP backdoor in APAC espionage campaign
2+ day, 21+ hour ago (690+ words) Industrial Cyber. Researchers at Darktrace disclosed a China-linked cyberespionage campaign targeting organizations primarily across the Asia-Pacific and Japan region using an updated version of the FDMTP…...
Chinese hackers return to target victims with new Mustang Panda threat
3+ day, 7+ min ago (174+ words) Researchers spotted an updated version of the FDMTP backdoor. Chinese state-sponsored threat actors are targeting organizations across the Asia-Pacific region, as well as Japan, with an updated version of a known backdoor, experts have warned. A new threat intelligence report…...
Mustang Panda Linked to New Modular FDMTP Backdoor
3+ day, 11+ hour ago (254+ words) Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime. The group is known for its use of a .NET malware downloader known as FDMTP. The backdoor now has a remote access…...
Chinese APT Hackers Exploit Microsoft Exchange to Breach Energy Sector Network
3+ day, 14+ hour ago (763+ words) A Chinese state-linked hacking group known as Famous Sparrow has quietly infiltrated an Azerbaijani oil and gas company, exploiting an unpatched Microsoft Exchange server to plant multiple backdoors inside the network. The attack ran from late December 2025 through late February…...
Hackers used fake Apple & Yahoo sites for espionage
3+ day, 18+ hour ago (675+ words) Thu May 14 2026, 11:36 AM EDT. The malware was disguised as trusted Apple and Yahoo-themed internet infrastructure. Legitimate Windows software and DLL sideloading concealed a modular remote access trojan within ordinary network traffic. Activity first appeared in customer networks in…...
Mustang Panda Linked to FDMTP Backdoor in Asia-Pacific Espionage
3+ day, 20+ hour ago (397+ words) An updated variant of the FDMTP backdoor has been observed in a months-long espionage campaign aimed at networks in the Asia-Pacific and Japan, with researchers linking the activity to the China-aligned group Mustang Panda. According to new analysis from Darktrace,…...
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
3+ day, 16+ hour ago (712+ words) The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly…...