Latest news
Malware
China-Aligned SHADOW-EARTH Deploys ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign Across Asia
2 May 2026 dark6
A China-aligned threat group has conducted a prolonged espionage campaign against government agencies and critical infrastructure across eight Asian countries....
Malware
State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities
26 April 2026 dark6
Cisco Talos has uncovered an active espionage campaign by state-sponsored group UAT-4356, which chains two Cisco Firepower FXOS vulnerabilities (CVE-2025-20333...
Malware
APT28 Deploys New PRISMEX Malware Suite Against Ukraine and NATO in Sophisticated Espionage Campaign
18 April 2026 dark6
Russia's APT28 (Fancy Bear) has launched a new campaign deploying the previously undocumented PRISMEX malware framework, which uses steganography, COM...
Malware
MuddyWater-Linked APT Campaign Scanned 12,000+ Systems Before Striking Middle East Critical Infrastructure
16 April 2026 dark6
Iran-linked threat group MuddyWater is behind a sophisticated espionage campaign that scanned over 12,000 systems in the Middle East before...
Vulnerability
Adobe Acrobat Zero-Day CVE-2026-34621: Four Months of Targeted Espionage via Prototype Pollution Exploit
15 April 2026 dark6
Adobe patched a critical zero-day in Acrobat Reader (CVE-2026-34621) that was exploited for at least four months via a sophisticated...