Latest Intelligence
UK Sanctions Russian Hackers Tied to Assassination Attempts
The UK government has imposed sanctions on three Russian Advanced Persistent Threat (APT) groups and 18 individuals due to their involvement in cyber operations targeting Ukraine, NATO allies, and the EU. This action is part of a broader effort to counter cyber threats linked to geopolitical tensions.
ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets
The ToolShell zero-day attacks target SharePoint servers; initial investigations link the first wave to China and show a focus on high-value targets. Despite the emerging details, there remains confusion regarding the specific vulnerabilities exploited in these attacks.
China-Backed APT41 Cyberattack Surfaces in Africa
A sophisticated cyberattack attributed to the China-sponsored group APT41 has recently targeted an IT company in Africa, marking a significant expansion of their activities into the region. This incident highlights the growing reach of Beijing's cyber-espionage efforts.
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
A critical vulnerability in Microsoft SharePoint has been exploited since July 7, 2025, with initial attacks targeting a major Western government. The exploitation has since expanded to various sectors including government, telecommunications, and software.
Human Digital Twins Could Give Attackers a Dangerous Advantage
The article discusses the potential risks associated with human digital twins, highlighting their use in social engineering attacks. While the technology offers various benefits, it also poses significant cybersecurity threats due to its ability to convincingly impersonate individuals.
Malicious Implants Are Coming to AI Components, Applications
Research will be published revealing how vulnerabilities in contemporary security products can facilitate covert implants in AI-driven applications. This highlights a significant security concern in the integration of AI and existing security measures.
Europol Sting Leaves Russian Cybercrime's 'NoName057(16)' Group Fractured
The article discusses the impact of a Europol operation that has led to the issuance of seven arrest warrants against members of the Russian cybercrime group NoName057(16). This group is known for recruiting individuals to conduct DDoS attacks against targets considered enemies of Russia.
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Cybersecurity researchers have discovered new Android spyware linked to the Iranian Ministry of Intelligence and Security, which disguises itself as VPN applications and the Starlink satellite internet service. This malware targets dissidents, raising concerns about surveillance and privacy violations.
China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure
The cyber espionage group APT41, believed to be linked to China, has initiated a targeted campaign against government IT services in Africa. Researchers from Kaspersky highlighted the use of hardcoded internal service names and IP addresses within the malware employed by the attackers.
Containment as a Core Security Strategy
The article emphasizes the need for a proactive approach to cybersecurity, advocating for the containment of potential threats rather than merely reacting to known vulnerabilities. It highlights the importance of assuming the existence of unknown threats and minimizing their potential impact.
New Variants of DCHSpy Spyware Used by Iranian APT to Target Android Users
The Iranian APT group MuddyWater has been deploying new variants of the DCHSpy spyware targeting Android users since the onset of the conflict with Israel. This indicates a significant escalation in their surveillance efforts against mobile devices.
⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
The article highlights how attackers are exploiting weak security settings and outdated encryption rather than relying on flashy zero-day exploits. These subtle attacks often go unnoticed, taking advantage of what is typically considered safe.
Marketing, Law Firms Say Data Breaches Impact Over 200,000 People
Cierant Corporation and Zumpano Patricios have reported data breaches that have affected over 200,000 individuals each. These incidents highlight significant cybersecurity concerns within the organizations involved.
Assessing the Role of AI in Zero Trust
The article discusses the evolution of Zero Trust from a theoretical framework to a critical security requirement for organizations by 2025. It emphasizes that implementing Zero Trust principles is essential for achieving cyber resilience and securing partnerships.
Microsoft Rushes Emergency Patch for Actively Exploited SharePoint ‘ToolShell’ Bug
Microsoft has issued an emergency patch for a zero-day vulnerability in SharePoint, identified as CVE-2025-53770. This vulnerability is being actively exploited by malicious actors to compromise US government agencies and various businesses.