NightSpire Ransomware Exploits RDP and Remote Admin Tools to Hit 64 Organizations in 33 Countries
NightSpire ransomware has hit at least 64 organizations across 33 countries by exploiting Remote Desktop Protocol access and installing legitimate remote administration tools like AnyDesk and Chrome Remote...
Cloud Atlas APT Patches termsrv.dll to Enable Silent Dual RDP Sessions — Targets Government and Diplomatic Organizations
The Cloud Atlas APT group has adopted a stealthy new technique: modifying Windows termsrv.dll to enable multiple simultaneous RDP sessions, allowing attackers to maintain covert access while legitimate...
Ukrainian Intelligence Report: Russian APT Groups Intensify Cyber Operations — 5,927 Incidents, 37% Rise in 2025
A new intelligence report from Ukraine's National Security and Defense Council reveals Russian state-sponsored threat groups dramatically escalated cyber operations in 2025, with CERT-UA recording 5,927 incidents —...
Qilin Ransomware Adopts Stealthy RDP History Enumeration to Map Victim Networks
The Qilin ransomware group, responsible for over 700 attacks in 2025, has been observed using a stealthy PowerShell technique to enumerate RDP authentication history on compromised servers —...
Microsoft’s April 2026 Update Adds New RDP Security Warnings to Protect Against Phishing via .rdp Files
Microsoft's April 2026 Patch Tuesday introduces new multi-layer warning dialogs in Windows Remote Desktop Connection, designed to protect users from phishing attacks that weaponize .rdp files — a...