-
Zoom Stealer browser extensions harvest corporate meeting intelligence
A newly discovered campaign, which researchers call Zoom Stealer, is affecting 2.2 million Chrome, Firefox, and Microsoft Edge users through 18 extensions that collect online meeting-related data like URLs, IDs, topics, descriptions, and embedded passwords.
- December 30, 2025
- 10:41 AM
0
-
Anthropic claims of Claude AI-automated cyberattacks met with doubt
Anthropic reports that a Chinese state-sponsored threat group, tracked as GTG-1002, carried out a cyber-espionage operation that was largely automated through the abuse of the company's Claude Code AI model.
- November 14, 2025
- 01:31 PM
2
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
China-linked hackers exploited Lanscope flaw as a zero-day in attacks
China-linked cyber-espionage actors tracked as 'Bronze Butler' (Tick) exploited a Motex Lanscope Endpoint Manager vulnerability as a zero-day to deploy an updated version of their Gokcpdoor malware.
- November 01, 2025
- 10:16 AM
- 0
-
North Korean Lazarus hackers targeted European defense companies
North Korean Lazarus hackers compromised three European companies in the defense sector through a coordinated Operation DreamJob campaign leveraging fake recruitment lures.
- October 23, 2025
- 08:38 AM
- 1
-
Russian hackers evolve malware pushed in "I am not a robot" captchas
The Russian state-backed Star Blizzard hacker group has ramped up operations with new, constantly evolving malware families (NoRobot, MaybeRobot) deployed in complex delivery chains that start with ClickFix social engineering attacks.
- October 21, 2025
- 11:13 AM
- 0
-
Chinese hackers abuse geo-mapping tool for year-long persistence
Chinese state hackers remained undetected in a target environment for more than a year by turning a component in the ArcGIS geo-mapping tool into a web shell.
- October 14, 2025
- 08:28 AM
- 1
-
Google: Brickstorm malware used to steal U.S. orgs' data for over a year
Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and legal sectors.
- September 24, 2025
- 10:00 AM
- 0
-
XenoRAT malware campaign hits multiple embassies in South Korea
A state-sponsored espionage campaign is targeting foreign embassies in South Korea to deploy XenoRAT malware from malicious GitHub repositories.
- August 18, 2025
- 03:38 PM
- 0
-
Curly COMrades cyberspies hit govt orgs with custom malware
A new cyber-espionage threat group has been using a custom backdoor malware that provides persistent access through a seemingly inactive scheduled task.
- August 12, 2025
- 10:43 AM
- 0
-
'Batavia' Windows spyware campaign targets dozens of Russian orgs
A previously undocumented spyware called 'Batavia' has been targeting large industrial enterprises in Russia in a phishing email campaign that uses contract-related lures.
- July 07, 2025
- 12:48 PM
- 0
-
Canada says Salt Typhoon hacked telecom firm via Cisco flaw
The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored 'Salt Typhoon' hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February.
- June 23, 2025
- 11:23 AM
- 0
-
Washington Post's email system hacked, journalists' accounts compromised
Email accounts of several Washington Post journalists were compromised in a cyberattack believed to have been carried out by a foreign government.
- June 16, 2025
- 11:08 AM
- 2
-
Hackers exploited Windows WebDav zero-day to drop malware
An APT hacking group known as 'Stealth Falcon' exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen.
- June 11, 2025
- 11:47 AM
- 0
-
Government webmail hacked via XSS bugs in global spy campaign
Hackers are running a worldwide cyberespionage campaign dubbed 'RoundPress,' leveraging zero-day and n-day flaws in webmail servers to steal email from high-value government organizations.
- May 15, 2025
- 03:14 PM
- 2
-
North Korea ramps up cyberspying in Ukraine to assess war risk
The state-backed North Korean threat group Konni (Opal Sleet, TA406) was observed targeting Ukrainian government entities in intelligence collection operations.
- May 13, 2025
- 04:14 PM
- 0
-
Midnight Blizzard deploys new GrapeLoader malware in embassy phishing
Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies.
- April 15, 2025
- 04:25 PM
- 0
-
RedCurl cyberspies create ransomware to encrypt Hyper-V servers
A threat actor named 'RedCurl,' known for stealthy corporate espionage operations since 2018, is now using a ransomware encryptor designed to target Hyper-V virtual machines.
- March 26, 2025
- 10:06 AM
- 0
-
Chinese Weaver Ant hackers spied on telco network for 4 years
A China-linked advanced threat group named Weaver Ant spent more than four years in the network of a telecommunications services provider, hiding traffic and infrastructure with the help of compromised Zyxel CPE routers.
- March 24, 2025
- 01:53 PM
- 0
-
Silk Typhoon hackers now target IT supply chains to breach networks
Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers.
- March 05, 2025
- 01:18 PM
- 0
-
Chinese hackers use custom malware to spy on US telecom networks
The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers.
- February 20, 2025
- 11:11 AM
- 0
2
