Latest news

Seedworm (MuddyWater) APT Abuses Signed Security Binaries in Global Espionage Campaign Across 9 Countries
Cybercrime

Seedworm (MuddyWater) APT Abuses Signed Security Binaries in Global Espionage Campaign Across 9 Countries

28 May 2026 dark6

Iran-linked Seedworm (MuddyWater) APT has been caught running a broad espionage campaign against at least 9 organizations across 9 countries...
Read more 0
Cloud Atlas APT Patches termsrv.dll to Enable Silent Dual RDP Sessions — Targets Government and Diplomatic Organizations
Malware

Cloud Atlas APT Patches termsrv.dll to Enable Silent Dual RDP Sessions — Targets Government and Diplomatic Organizations

26 May 2026 dark6

The Cloud Atlas APT group has adopted a stealthy new technique: modifying Windows termsrv.dll to enable multiple simultaneous RDP sessions,...
Read more 0
China-Aligned SHADOW-EARTH Deploys ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign Across Asia
Malware

China-Aligned SHADOW-EARTH Deploys ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign Across Asia

2 May 2026 dark6

A China-aligned threat group has conducted a prolonged espionage campaign against government agencies and critical infrastructure across eight Asian countries....
Read more 0
State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities
Malware

State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities

26 April 2026 dark6

Cisco Talos has uncovered an active espionage campaign by state-sponsored group UAT-4356, which chains two Cisco Firepower FXOS vulnerabilities (CVE-2025-20333...
Read more 0
APT28 Deploys New PRISMEX Malware Suite Against Ukraine and NATO in Sophisticated Espionage Campaign
Malware

APT28 Deploys New PRISMEX Malware Suite Against Ukraine and NATO in Sophisticated Espionage Campaign

18 April 2026 dark6

Russia's APT28 (Fancy Bear) has launched a new campaign deploying the previously undocumented PRISMEX malware framework, which uses steganography, COM...
Read more 0
MuddyWater-Linked APT Campaign Scanned 12,000+ Systems Before Striking Middle East Critical Infrastructure
Malware

MuddyWater-Linked APT Campaign Scanned 12,000+ Systems Before Striking Middle East Critical Infrastructure

16 April 2026 dark6

Iran-linked threat group MuddyWater is behind a sophisticated espionage campaign that scanned over 12,000 systems in the Middle East before...
Read more 0
Adobe Acrobat Zero-Day CVE-2026-34621: Four Months of Targeted Espionage via Prototype Pollution Exploit
Vulnerability

Adobe Acrobat Zero-Day CVE-2026-34621: Four Months of Targeted Espionage via Prototype Pollution Exploit

15 April 2026 dark6

Adobe patched a critical zero-day in Acrobat Reader (CVE-2026-34621) that was exploited for at least four months via a sophisticated...
Read more 0