acint

Google Warns of Sustained Russia and China Cyberattacks Targeting Defense Industrial Base

Google Threat Intelligence Group (GTIG) has published a comprehensive report revealing persistent cyber operations targeting the defense industrial base (DIB) from Russia and China-linked threat actors. The findings detail how state-sponsored hackers are exploiting everything from battlefield messaging apps to edge network devices to compromise defense contractors, military personnel, and the broader supply chain. Key…


Chinese APT UNC3886 Breaches Singapore’s Four Largest Telcos in Coordinated Espionage Campaign

Singapore’s government has officially confirmed that a sophisticated Chinese cyber-espionage group breached all four of the nation’s largest telecommunications providers in a coordinated campaign that exploited zero-day vulnerabilities and deployed advanced persistence mechanisms. The Cyber Security Agency of Singapore (CSA) disclosed that UNC3886, a threat actor tracked by Google’s Mandiant security unit and linked to…


BlueNoroff’s GhostCall and GhostHire Campaigns Use Stolen Victim Videos to Compromise Crypto Executives

North Korean threat actor BlueNoroff (also known as Sapphire Sleet, APT38, Alluring Pisces, Stardust Chollima, and TA444) has launched two sophisticated campaigns—GhostCall and GhostHire—targeting cryptocurrency executives, blockchain developers, and venture capital professionals, according to research published by Kaspersky. GhostCall: Fake Investment Meetings with Real Victim Recordings In the GhostCall campaign, attackers impersonate venture capitalists on…


APT28 Exploits CVE-2026-21509 in Operation Neusploit: Stealing Emails with MiniDoor Backdoor

Russia’s infamous APT28 (Fancy Bear/Forest Blizzard) threat group has weaponized a recently patched Microsoft Office vulnerability in just three days, launching a sophisticated espionage campaign dubbed Operation Neusploit targeting government and diplomatic entities across Central and Eastern Europe. Rapid Weaponization of CVE-2026-21509 Zscaler ThreatLabz researchers discovered that APT28 began exploiting CVE-2026-21509—a critical Microsoft Office memory…


Fake 7-Zip Downloads Convert Home PCs Into Residential Proxy Nodes for Cybercriminals

A sophisticated brand impersonation campaign is weaponizing the popular 7-Zip file archiver to silently transform infected Windows computers into residential proxy nodes—monetizing victims’ IP addresses for fraud, scraping, and anonymity laundering operations. The Lookalike Domain Trap Security researchers at Malwarebytes have documented a long-running campaign where attackers operate 7zip[.]com—a convincing lookalike of the legitimate 7-zip.org…


North Korean Hackers Deploy AI-Generated Deepfakes and Seven Malware Families in Targeted Cryptocurrency Attacks

North Korean threat actor UNC1069 has launched a sophisticated campaign targeting the cryptocurrency and decentralized finance (DeFi) sectors, deploying AI-generated deepfake videos and seven unique malware families to steal credentials and financial data, according to new research from Google Cloud’s Mandiant threat intelligence team. AI-Enabled Social Engineering: The New Frontier The attack begins with a…


TGR-STA-1030 Espionage Campaign Compromises 70 Organizations Across 37 Nations Using ShadowGuard Linux Rootkit

A massive, state-aligned cyber espionage campaign has quietly infiltrated government networks across 37 countries, targeting ministries of finance, law enforcement, and critical infrastructure. In a new report, Unit 42 exposes the operations of TGR-STA-1030 (also tracked as UNC6619), an Asia-based threat group that has compromised at least 70 organizations worldwide over the past year. The…


BridgePay Ransomware Attack Forces Nationwide Cash-Only Payment Disruption

A major ransomware attack on BridgePay Network Solutions has caused a nationwide payment processing outage, forcing merchants across the United States to switch to cash-only operations and disrupting card transactions for municipalities and businesses alike. Ransomware Confirmed Within Hours BridgePay confirmed late Friday, February 6, 2026, that ransomware was responsible for the incident that began…


Qilin Ransomware Hits Romania’s National Oil Pipeline Operator Conpet, Claims Nearly 1 TB Data Theft

Romania’s national oil pipeline operator Conpet has confirmed a cyberattack disrupted parts of its technology infrastructure and knocked its website offline earlier this week. The company operates approximately 3,800 kilometers (2,360 miles) of pipelines supplying domestic and imported crude oil and petroleum products to refineries across Romania. Attack Details While Conpet’s official statement on Wednesday…
