government-backed attacks

State-sponsored APTs are leveraging WinRAR bug
A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. …

Russian APT phished government employees via Microsoft Teams
An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says …

North Korean hackers targeted tech companies through JumpCloud and GitHub
North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech …

Thanks Storm-0558! Microsoft to expand default access to cloud logs
Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, …

Five Eyes agencies detail how Chinese hackers breached US infrastructure
The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored …

Turla’s Snake malware network disrupted by Five Eyes’ authorities
The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated …

3CX breach linked to previous supply chain compromise
Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now …

3CX compromise: More details about the breach, new PWA app released
3CX has released an interim report about Mandiant’s findings related to the compromise the company suffered last month, which resulted in a supply chain attack targeting …

3CX supply chain attack: What do we know?
Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …

3CX customers targeted via trojanized desktop app
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …

2022 witnessed a drop in exploited zero-days
Malicious threat actors have actively exploited 55 zero-days in 2022 – down from 81 in 2021 – with Microsoft, Google, and Apple products being most targeted. 53 …

Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)
It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)