UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering

North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentralized finance (DeFi) verticals. Mandiant recently investigated an intrusion targeting a FinTech entity within this sector, attributed to UNC1069, a financially motivated threat actor active since Read More …

Malaysia: Nacsa investigating alleged cyber-espionage targeting multiple government bodies

The National Cyber Security Agency (Nacsa) is currently investigating alleged incidents of cyber-espionage activity targeting various Malaysian government entities. In a statement to StarLifestyle, a Nacsa spokesperson said the agency is aware of a report published by Unit 42, the Read More …

Approaching cyclone: Vortex Werewolf attacks Russia

In December 2025 and January 2026, BI.ZONE Threat Intelligence detected malicious activity by a new cluster Vortex Werewolf (SkyCloak). The attacks targeted Russian government and defense organizations. BI.ZONE researchers findings indicate that the adversary used phishing emails to deliver malware Read More …

China’s Salt Typhoon hackers broke into Norwegian companies

The Norwegian government has accused the Chinese-backed hacking group known as Salt Typhoon of breaking into several organizations in the country. In a report published on Friday, the Norwegian Police Security Service said the hacking group, believed to be working Read More …

Dynowiper: Destructive Malware Targeting Poland’s Energy Sector

The coordinated destructive campaign against critical energy infrastructure occurred on December 29, 2025, during a period of severe winter weather in Poland. According to CERT Polska’s report, the campaign targeted: 30+ wind and solar farms across Poland; A major CHP Read More …

Asia-based government spies quietly broke into critical networks across 37 countries

A state-aligned cyber group in Asia compromised government and critical infrastructure organizations across 37 countries in an ongoing espionage campaign, according to security researchers. In total, the crew compromised at least 70 organizations, and maintained access to several of these Read More …

Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT

Stan Ghouls (also known as Bloody Wolf) is an cybercriminal group that has been launching targeted attacks against organizations in Russia, Kyrgyzstan, Kazakhstan, and Uzbekistan since at least 2023. These attackers primarily have their sights set on the manufacturing, finance, Read More …

Data breach at govtech giant Conduent balloons, affecting millions more Americans

A data breach at government technology giant Conduent appears to affect far more people than first disclosed, with the number of victims potentially stretching to dozens of millions of people across the United States. The January 2025 ransomware attack, which Read More …

Polish authorities arrest 20-year-old man on suspicion of carrying out DDoS attacks

Polish authorities have cuffed a 20-year-old man on suspicion of carrying out DDoS attacks. The Central Bureau for Combating Cybercrime (CBZC) claims the unnamed individual was responsible for attacks on “numerous popular websites,” including those of strategic importance. Given the Read More …

Russian ransomware hackers allegedly hit Tulsa airport in cyberattack, dump private files online as proof

Russian ransomware operators Qilin have claimed to have broken into the Tulsa International Airport and stolen an unspecified amount of sensitive company data. A report from Cybernews says the group recently added the airport to their data leak site, and Read More …