Proactive OT security: Lessons on supply chain risk management from a rogue Raspberry Pi

ClickFix is a social engineering technique exploiting end users by disguising malicious PowerShell commands as routine verification prompts, enabling threat actors to gain network access and exfiltrate data. Since March 2024, various threat actors including APT28 and MuddyWater have leveraged this method to target multiple industries globally. #ClickFix #APT28 #MuddyWater

Read More
APT PROFILE – MISSION2025

MISSION2025, also known as APT41, is a Chinese state-sponsored threat group active since 2012, focusing on cyberespionage and financially motivated attacks aligned with China’s strategic goals. Their recent campaigns feature sophisticated use of cloud services for command and control and exploitation of software vulnerabilities to target governments and critical infrastructure globally. #MISSION2025 #APT41 #TOUGHPROGRESS #IvantiEPMM

Read More
Cybersecurity News | Daily Recap [10 Jun 2025]

Chinese-linked groups including APT41, PurpleHaze, and APT15 targeted global enterprises and infrastructure with ShadowPad and GOREshell malware, while a North Korea-linked group exploited social media for malware campaigns. Vulnerabilities in Roundcube, SAP NetWeaver, and Wazuh server were actively exploited, leading to data breaches and DDoS attacks; meanwhile, major outages impacted Heroku and OpenAI. #APT41 #ShadowPad #WazuhVulnerability #HerokuOutage

Read More
The Week in Vulnerabilities: Cyble Warns of Rising Exploits Targeting ICS, Enterprise, and Web Systems

Between May 28 and June 3, 2025, multiple high-severity vulnerabilities were actively exploited by various threat actors, including a China-linked APT group targeting diverse industries. Cyble Research & Intelligence Labs observed increased exploit attempts, malware campaigns, and critical infrastructure risks, emphasizing the urgency of patching and enhanced cybersecurity measures. #CVE-2024-56145 #CVE-2025-5419 #ChinaAPT #MiraiBotnet

Read More
CVE-2025-33053, Stealth Falcon and Horus: A Saga of Middle Eastern Cyber Espionage

Check Point Research revealed a sophisticated campaign by the APT group Stealth Falcon exploiting a zero-day vulnerability (CVE-2025-33053) through malicious .url files to deliver custom malware implants such as the Horus Agent. The group targets government and defense sectors in the Middle East and Africa using spear-phishing, WebDAV exploitation, and customized post-exploitation tools including keyloggers and credential dumpers. #StealthFalcon #CVE2025-33053 #HorusAgent

Read More
Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

A sophisticated cyberespionage campaign attributed to Stealth Falcon involves a zero-day vulnerability (CVE-2025-33053) in Microsoft Windows WebDAV to infiltrate defense organizations in the Middle East and Africa. The attackers utilized malicious .url files, custom malware loaders, and a C++ implant called Horus, demonstrating advanced obfuscation and stealth techniques. #StealthFalcon #CVE-2025-33053…

Read More
Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws

This article discusses Microsoft’s June 2025 Patch Tuesday, which resolves 66 vulnerabilities including one actively exploited zero-day and one publicly disclosed zero-day. Key fixes target critical remote code execution and privilege escalation flaws, with additional updates from various vendors addressing vulnerabilities across multiple products. #WEBDAV #SMBClient #StealthFalcon

Read More
Cybersecurity News | Daily Recap [10 Jun 2025]

Recent cybersecurity updates include Chinese state-sponsored actors exploiting the NICKNAME zero-click iMessage vulnerability to target high-profile individuals in the US and EU, while US authorities seize cryptocurrency linked to North Korean sanctions evasion. Multiple organizations, including NHS UK and United Natural Foods, suffered ransomware and cyberattacks affecting critical services and operations. #NICKNAMEExploit #UNC1151 #Qilin #MiraiBotnet #SalesforceZeroDay #CryptoPhishing

Read More