Latest news

China-Linked OP-512 Uses Cryptographically Unique Web Shells in Patient IIS Server Espionage Campaign
Cybercrime

China-Linked OP-512 Uses Cryptographically Unique Web Shells in Patient IIS Server Espionage Campaign

9 June 2026 dark6

ReliaQuest has uncovered OP-512, a new China-linked threat cluster targeting IIS servers with a custom web shell framework that generates...
Read more 0
JINX-0164: Crypto-Targeting APT Uses LinkedIn Job Lures and Fake Meeting Apps to Deploy macOS Malware and Poison npm Supply Chain
Malware

JINX-0164: Crypto-Targeting APT Uses LinkedIn Job Lures and Fake Meeting Apps to Deploy macOS Malware and Poison npm Supply Chain

30 May 2026 dark6

Threat actor JINX-0164 is targeting cryptocurrency developers via fake LinkedIn profiles, luring them into downloading custom macOS malware (AUDIOFIX and...
Read more 0
GREYVIBE: Russian-Aligned Hackers Use ChatGPT and Google Gemini to Build Cyberweapons Targeting Ukraine
Cybercrime

GREYVIBE: Russian-Aligned Hackers Use ChatGPT and Google Gemini to Build Cyberweapons Targeting Ukraine

30 May 2026 dark6

A newly tracked threat actor called GREYVIBE is using generative AI tools including ChatGPT and Google Gemini to develop malware,...
Read more 0
Seedworm (MuddyWater) APT Abuses Signed Security Binaries in Global Espionage Campaign Across 9 Countries
Cybercrime

Seedworm (MuddyWater) APT Abuses Signed Security Binaries in Global Espionage Campaign Across 9 Countries

28 May 2026 dark6

Iran-linked Seedworm (MuddyWater) APT has been caught running a broad espionage campaign against at least 9 organizations across 9 countries...
Read more 0
Cloud Atlas APT Patches termsrv.dll to Enable Silent Dual RDP Sessions — Targets Government and Diplomatic Organizations
Malware

Cloud Atlas APT Patches termsrv.dll to Enable Silent Dual RDP Sessions — Targets Government and Diplomatic Organizations

26 May 2026 dark6

The Cloud Atlas APT group has adopted a stealthy new technique: modifying Windows termsrv.dll to enable multiple simultaneous RDP sessions,...
Read more 0
Ukrainian Intelligence Report: Russian APT Groups Intensify Cyber Operations — 5,927 Incidents, 37% Rise in 2025
Cybercrime

Ukrainian Intelligence Report: Russian APT Groups Intensify Cyber Operations — 5,927 Incidents, 37% Rise in 2025

23 May 2026 dark6

A new intelligence report from Ukraine's National Security and Defense Council reveals Russian state-sponsored threat groups dramatically escalated cyber operations...
Read more 0
Kimsuky APT Runs Four Simultaneous Spear-Phishing Campaigns Targeting Recruiters, Crypto Users, and Defense Officials
Phishing

Kimsuky APT Runs Four Simultaneous Spear-Phishing Campaigns Targeting Recruiters, Crypto Users, and Defense Officials

20 May 2026 dark6

North Korea's Kimsuky threat group has been operating four parallel spear-phishing campaigns targeting corporate recruiters, cryptocurrency developers, defense sector officials,...
Read more 0
Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report
Vulnerability

Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report

12 May 2026 dark6

Google's Threat Intelligence Group reveals that cybercriminals have used AI to develop a working zero-day exploit targeting a web administration...
Read more 0
APT Campaign Exploits cPanel CVE-2026-41940 to Breach Government and Military Servers Across South-East Asia
Vulnerability

APT Campaign Exploits cPanel CVE-2026-41940 to Breach Government and Military Servers Across South-East Asia

3 May 2026 dark6

A sophisticated threat actor has exploited the critical cPanel authentication bypass CVE-2026-41940 to compromise government and military servers across South-East...
Read more 0
China-Aligned SHADOW-EARTH Deploys ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign Across Asia
Malware

China-Aligned SHADOW-EARTH Deploys ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign Across Asia

2 May 2026 dark6

A China-aligned threat group has conducted a prolonged espionage campaign against government agencies and critical infrastructure across eight Asian countries....
Read more 0
Lazarus Group Targets macOS Users With Sophisticated “Mach-O Man” Four-Stage Malware Kit
Malware

Lazarus Group Targets macOS Users With Sophisticated “Mach-O Man” Four-Stage Malware Kit

30 April 2026 dark6

North Korea's Lazarus Group has deployed a new modular macOS malware kit called "Mach-O Man" targeting fintech executives and crypto...
Read more 0
State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities
Malware

State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities

26 April 2026 dark6

Cisco Talos has uncovered an active espionage campaign by state-sponsored group UAT-4356, which chains two Cisco Firepower FXOS vulnerabilities (CVE-2025-20333...
Read more 0