cyber espionage

China-linked Murky Panda targets and moves laterally through cloud services
In its recently released 2025 Threat Hunting Report, Crowdstrike pointed out an interesting trend: a 136% surge in cloud intrusions. A good chunk of this surge is due to …

Russian threat actors using old Cisco bug to target critical infrastructure orgs
A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old …

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)
The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian …

Attackers breached ConnectWise, compromised customer ScreenConnect instances
A suspected “sophisticated nation state actor” has compromised ScreenConnect cloud instances of a “very small number” of ConnectWise customers, the …

Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group
The Dutch intelligence and security services have identified a new Russia-affiliated threat group that has been breaching government organizations and commercial entities in …

Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
CVE-2025-4427 and CVE-2025-4428 – the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti …

Nation-state APTs ramp up attacks on Ukraine and the EU
Russian APT groups intensified attacks against Ukraine and the EU, exploiting zero-day vulnerabilities and deploying wipers, according to ESET. Ukraine faces rising cyber …

Russia-linked hackers target webmail servers in Ukraine-related espionage operation
ESET researchers have uncovered RoundPress, a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities. Behind it is most likely the Russia-aligned …

44% of the zero-days exploited in 2024 were in enterprise solutions
In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of …

Cozy Bear targets EU diplomats with wine-tasting invites (again)
APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. …

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances …

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices
CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who …
Featured news
Resources
Don't miss
- China-linked Murky Panda targets and moves laterally through cloud services
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged