Silver Dragon APT Targets Southeast Asia and Europe Using GearDoor Backdoor with Google Drive C2

Check Point Research has unveiled a sophisticated Chinese APT campaign dubbed Silver Dragon that has been actively targeting government entities and organizations across Southeast Asia and Europe since mid-2024. The threat actor operates within the umbrella of Chinese-nexus APT41 and employs multiple infection chains to deliver custom backdoors designed for covert data exfiltration. Campaign Overview…

APT28 Exploited CVE-2026-21513 MSHTML Zero-Day as Attack Vector Before February Patch Tuesday

Russia’s state-sponsored threat actor APT28 (also known as Fancy Bear) has been linked to active exploitation of CVE-2026-21513, a high-severity MSHTML zero-day vulnerability, before Microsoft released its patch in February 2026. This finding comes from new research published by Akamai, highlighting the sophisticated tradecraft employed by Russian intelligence operations. Vulnerability Details CVE-2026-21513 carries a CVSS…

Malicious Go Crypto Module Steals Passwords and Deploys Rekoobe Backdoor

A sophisticated supply chain attack has been uncovered targeting Go developers through a malicious module that impersonates the legitimate golang.org/x/crypto library. The attack demonstrates how threat actors are increasingly exploiting namespace confusion to compromise developer environments and deploy persistent backdoors. The Attack Mechanism Security researchers at Socket discovered the malicious module github[.]com/xinfeisoft/crypto, which masquerades as…

Fake Google Security Check Transforms Browser Into Surveillance Toolkit via PWA Installation

A sophisticated phishing campaign has been discovered that transforms web browsers into comprehensive surveillance platforms by masquerading as a Google Account security page. According to Malwarebytes researchers, this attack represents one of the most fully-featured browser-based surveillance toolkits observed in the wild. Attack Methodology The attack begins with a convincing replica of a Google Account…

Russian Cyberattacks Shift to Intelligence Gathering for Missile Strike Guidance on Ukraine Power Grid

Russian cyberattacks targeting Ukraine’s energy infrastructure have shifted focus from immediate disruption to intelligence gathering for guiding missile strikes, Ukrainian cybersecurity officials revealed at the Kyiv International Cyber Resilience Forum. Strategic Shift in Attack Methodology Oleksandr Potii, head of Ukraine’s State Service of Special Communications and Information Protection, confirmed that attackers are now prioritizing reconnaissance…

Hackers Weaponize Claude Code AI to Steal 150GB from Mexican Government in Month-Long Campaign

In a disturbing escalation of AI-enabled cyber operations, hackers have weaponized Anthropic’s Claude Code AI assistant to develop exploits, create custom attack tools, and systematically exfiltrate more than 150GB of data from Mexican government systems, according to Israeli cybersecurity firm Gambit Security. Attack Scope and Impact The threat actors compromised 10 Mexican government agencies and…

Google Disrupts UNC2814 GRIDTIDE Campaign: Chinese APT Breaches 53 Organizations Across 42 Countries

Google has disclosed details of a massive disruption operation against UNC2814, a suspected China-nexus cyber espionage group that breached at least 53 organizations across 42 countries. The campaign, tracked as GRIDTIDE, represents one of the most far-reaching espionage operations uncovered in recent years. The Scope of the Intrusion According to Google Threat Intelligence Group (GTIG)…

OpenAI Confirms ChatGPT Exploited by Chinese and Russian Threat Actors for Cyberattacks

OpenAI has confirmed that Chinese and Russian state-affiliated threat actors have been exploiting ChatGPT to support malicious cyber and influence operations, marking one of the first documented cases of adversaries weaponizing generative AI for tactical offensive cyber activities. Chinese APT Groups Leverage ChatGPT for Cyber Operations According to OpenAI’s investigation, Chinese threat actors associated with…

Operation Roar of the Lion: Israel Executes Largest Cyberattack in History Against Iran

In an unprecedented display of cyber warfare capability, Israel has executed what is being described as the largest cyberattack in history, plunging Iran into near-total digital darkness during a coordinated military operation on Saturday, February 28, 2026. Near-Total Internet Blackout Confirmed Independent internet monitor NetBlocks confirmed that Iran’s national connectivity dropped to just 4% of…