Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication

Since late 2024, Unit 42 researchers have been tracking a cluster of suspicious activity as CL-STA-1020, targeting governmental entities in Southeast Asia. The threat actors behind this cluster of activity have been collecting sensitive information from government agencies, including information Read More …

‘Pig butchering’ scams have stolen billions from people around the world.

At the beginning of 2025, panic about fraud and human trafficking erupted on Chinese social media. It started when a Chinese actor called Wang Xing was tricked into travelling to Thailand for an audition, where he was abducted by criminals Read More …

Trump administration to spend $1 billion on ‘offensive’ hacking operations

The Trump administration, through the Department of Defense, plans to spend $1 billion over the next four years on what it calls “offensive cyber operations.” The provision in Trump’s landmark One Big Beautiful Bill does not say what those “offensive Read More …

NFC fraud threatens Philippines digital payments security

As contactless payments and digital wallets grow quickly in the Philippines, cyber-criminals are now targeting the country by abusing Near Field Communication (NFC) technologies. Resecurity, a global leader in cyber threat intelligence, issued a stark warning, urging Philippine regulators and Read More …

BERT Ransomware Group Targets Asia and Europe on Multiple Platforms

In April, a new ransomware group known as BERT, has been observed targeting organizations across Asia and Europe. TrendResearch telemetry has confirmed the emergence and activity of this ransomware. This blog entry examines BERT’s tools and tactics across multiple variants. Read More …

macOS NimDoor, DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware

In April 2025, Huntabil.IT observed a targeted attack on a Web3 startup, attributing the incident to a DPRK threat actor group. Several reports on social media at the time described similar incidents at other Web3 and Crypto organizations. Analysis revealed Read More …

GoldenEye Dog(APT-Q-27) gang’s recent use of “Silver Fox” Trojan stealing activities

GoldenEyeDog (tracked internally as APT-Q-27 by Qi’anxin) is a hacking group targeting people involved in gaming and dog-pushing in Southeast Asia, as well as the overseas Chinese community, with a range of business activities including remote control, mining, DDoS attacks, Read More …

FBI: Infrastructure Used to Manage Domains Related to Cryptocurrency Investment Fraud Scams between October 2023 and April 2025

The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull). Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites Read More …