RomCom: Russian Hacking Group
RomCom is a Russian hacking group that has exploited CVE-2025-8088, a WinRAR vulnerability, in attacks targeting Ukraine. They are known for cyber…
Category: Attack Groups
MITRE ATT&CK groups, threat actors, intrusion sets and activity clusters.
Google Details Turla’s New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
Google Threat Intelligence Group (GTIG) has attributed a previously undocumented .NET backdoor named STOCKSTAY to the Russian state-sponsored threat actor Turla. The…
Turla: Russian State-Sponsored Cyber Espionage Group
Turla is a Russian state-sponsored threat actor known for sophisticated cyber espionage operations. They have been attributed to the STOCKSTAY backdoor used…
Sandworm: Russian Hacking Group Exploiting WinRAR Vulnerability
Sandworm is a Russian hacking group that has exploited CVE-2025-8088, a WinRAR vulnerability, in attacks targeting Ukraine. They are known for destructive…
Gamaredon: Russian Cyber Espionage Group
Gamaredon is a Russian cyber espionage group that has exploited CVE-2025-8088, a WinRAR vulnerability, in attacks targeting Ukraine. They are known for…
MuddyWater: Iranian State-Sponsored Cyber Group
An Iranian state-sponsored threat group known for targeting critical infrastructure and using tools like Langflow vulnerabilities for initial access.
OceanLotus Targets Vietnam Investors With SPECTRALVIPER in FireAnt Supply Chain Attack
ESET has uncovered two campaigns by the Vietnam-aligned threat actor OceanLotus (APT32) targeting domestic entities and stock investors with the SPECTRALVIPER backdoor.…
OceanLotus (APT32) Threat Actor Profile
OceanLotus, also known as APT32, is a Vietnam-aligned advanced persistent threat group active since 2012. It has historically targeted foreign entities, including…
APT32 — Attack group profile
APT32 was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related cyber news, CVEs, malware,…
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories Ravie LakshmananJun 11, 2026Hacking News / Cybersecurity…