Dangerous Invitations: Russian Threat Actor Spoofs European Security Events in Targeted Phishing Attacks 2025-12-04 True True APT Meets GPT: Targeted Operations with Untamed LLMs 2025-10-08 True True Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows 2025-04-22 True True Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication 2025-02-13 True True The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access 2024-11-22 True True BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA 2024-11-15 True True StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms 2024-08-02 True True DISGOMOJI Malware Used to Target Indian Government 2024-06-13 True True Detecting Compromise of CVE-2024-3400 on Palo Alto Networks GlobalProtect Devices 2024-05-15 True True Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400) 2024-04-12 True True CharmingCypress: Innovating Persistence 2024-02-13 True True How Memory Forensics Revealed Exploitation of Ivanti Connect Secure VPN Zero-Day Vulnerabilities 2024-02-01 True True Ivanti Connect Secure VPN Exploitation: New Observations 2024-01-18 True True Ivanti Connect Secure VPN Exploitation Goes Global 2024-01-15 True True Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN 2024-01-10 True True EvilBamboo Targets Mobile Devices in Multi-year Campaign 2023-09-22 True True Charming Kitten Updates POWERSTAR with an InterPlanetary Twist 2023-06-28 True True 3CX Supply Chain Compromise Leads to ICONIC Incident 2023-03-30 True True Using Memory Analysis to Detect EDR-Nullifying Malware 2023-03-07 True True ₿uyer ₿eware: Fake Cryptocurrency Applications Serving as Front for AppleJeus Malware 2022-12-01 True True Mass Exploitation of (Un)authenticated Zimbra RCE: CVE-2022-27925 2022-08-10 True True SharpTongue Deploys Clever Mail-Stealing Browser Extension “SHARPEXT” 2022-07-28 True True DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach 2022-06-15 True True Zero-Day Exploitation of Atlassian Confluence 2022-06-02 True True Storm Cloud on the Horizon: GIMMICK Malware Strikes at macOS 2022-03-22 True True Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra 2022-02-03 True True XE Group – Exposed: 8 Years of Hacking & Card Skimming for Profit 2021-12-07 True True North Korean BLUELIGHT Special: InkySquid Deploys RokRAT 2021-08-24 True True North Korean APT InkySquid Infects Victims Using Browser Exploits 2021-08-17 True True Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns 2021-05-27 True True Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities 2021-03-02 True True Responding to the SolarWinds Breach: Detect, Prevent, and Remediate the Dark Halo Supply Chain Attack 2020-12-16 True True Dark Halo Leverages SolarWinds Compromise to Breach Organizations 2020-12-14 True True OceanLotus: Extending Cyber Espionage Operations Through Fake Websites 2020-11-06 True True Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant 2020-04-21 True True Storm Cloud Unleashed: Tibetan Focus of Highly Targeted Fake Flash Campaign 2020-03-31 True True Microsoft Exchange Control Panel (ECP) Vulnerability CVE-2020-0688 Exploited 2020-03-06 True True 
