Advanced Persistent Threat (APT) stories

Okta warns North Korean operatives are landing remote tech jobs with stolen and synthetic identities to fund the regime and enable cyber attacks.

Hackers are abandoning noisy ransomware to quietly steal data, as a report finds 80% of top attack techniques now focus on evasion.

Indian defence faces a decade-long silent siege as APT36 refines cross-platform cyber espionage with stealthy, persistent RAT campaigns.

Attackers are hijacking live web sessions by stealthily tampering with NGINX configs, silently relaying traffic via rogue servers.

CrowdStrike has split North Korea-linked LABYRINTH CHOLLIMA into three units, two for crypto theft and one for industrial espionage.

Politically themed LOTUSLITE phishing campaign hits US policy bodies, using DLL sideloading and espionage-focused backdoor tactics.

Attackers are abusing LinkedIn private messages to deliver Python-based malware via booby-trapped archives, ReliaQuest has warned.

NCC Group links Silver Fox’s false-flag malware campaigns to ValleyRAT and uncovers critical PowerG flaws that can fully compromise alarms.

Alleged US cyber role in Venezuela attack exposes how multi-domain operations can silently compromise critical national infrastructure.

Storm-0249 hijacks trusted security and Windows tools to stealthily broker high-value network access for ransomware operators.

Chinese state-backed hackers mimic Microsoft Teams downloads in a false flag campaign to infect Chinese speakers and blame Russian actors.

CrowdStrike’s Falcon platform scores 100% detection and protection with zero false positives in MITRE ATT&CK’s toughest cloud-era tests.

China-linked WARP PANDA cyberespionage group targets US cloud networks, exploiting vulnerabilities in Microsoft 365, VMware, and more for sustained data access.

ThreatBook launches its Advanced Threat Intelligence solution to enhance cyber risk detection in Asia Pacific, analysing billions of attack records daily.

Phantom Taurus, a new Chinese state-backed group, targets governments and telecoms in Africa, the Middle East, and Asia with advanced espionage tools and tactics.

Broadcom patches a VMware zero-day flaw exploited for nearly a year, allowing attackers root access to virtual machines in certain configurations.

WatchGuard launches FireCloud Total Access, a hybrid SASE service offering Zero Trust security for MSPs and IT teams to protect remote and hybrid workforces.

A Chinese cyber group has targeted US government and policy organisations with spearphishing attacks amid trade talks, using advanced tactics to gain persistent access.

Chinese-linked EggStreme malware targets Philippine military firm, signalling rising espionage efforts in Asia-Pacific by advanced threat groups.

Singapore CISOs face rising cyber risks with 91% reporting data loss, growing insider threats, and concerns over AI amid escalating pressure and preparedness gaps.