Tag: advanced persistent threat
11 articles

GoSerpent Malware Evolves with Advanced Data Exfiltration Tactics
In late 2025, a new wave of malicious activity emerged, led by the evolved GoSerpent malware, which has been quietly lurking in the shadows since at least 2021. This stealthy backdoor has upgraded its data exfiltration tactics, putting organizations on high alert.

Helix Group Exploits SharePoint with Advanced Vishing Tactics
Helix Group hackers are using clever voice phishing tactics, often impersonating managers, to trick victims into handing over account access. They use a simple yet effective playbook, starting with a convincing phone call that sets the stage for a device-code phishing scheme.

Chinese APT Deploys TinyRCT Backdoor in Southeast Asia Cyberattacks
A Chinese advanced persistent threat actor, CL-STA-1062, has launched a series of cyberattacks in Southeast Asia, targeting government entities and state-owned energy firms with a new .NET backdoor called TinyRCT. This sophisticated attack tool is part of a hybrid toolkit used by the group, which has been active since March 2022.

Hackers Infiltrate Stock Exchange Executive's Outlook Mailbox for Months
Hackers stealthily infiltrated a senior stock exchange executive's Outlook mailbox, maintaining months-long control of their computer by masquerading as legitimate software. The alarming breach, detected as early as October 10, 2025, allowed the intruder to operate with SYSTEM-level privileges, the highest level of Windows access.

Iran-nexus APT Expands Espionage Ops with New RAT Variants
Unit 42 researchers have uncovered a sophisticated espionage campaign by an Iran-linked threat group, dubbed Screening Serpens, which has deployed six new remote access Trojan (RAT) variants to target entities across the US, Israel, and the Middle East. These variants, part of two distinct malware families, signal a significant expansion of the group's cyber spying operations.

Webworm APT Expands European Reach with Evolved Tactics
Meet Webworm, a China-aligned APT group that's now setting its sights on European governments and beyond, with a semi-opportunistic approach that's taken its targets to Belgium, Italy, Poland, Serbia, Spain, and even South Africa. This threat actor's evolved tactics signal a concerning expansion of its reach.

Ivanti, Palo Alto Networks Flaws Exploited in Active Attacks
Meet Quasar Linux RAT, a sneaky malware that combines remote access, evasion, and data theft capabilities, making it a potent threat to Linux systems. This powerful tool lets hackers secretly control infected hosts, harvest sensitive info, and even create a network of compromised devices that communicate with each other.

Researchers Uncover Fast16 Malware's Stealthy Industrial Sabotage Role
Researchers have uncovered a highly sophisticated malware, Fast16, designed to secretly sabotage industrial operations by subtly manipulating critical calculations, leading to potentially catastrophic failures. This stealthy threat can silently spread across networks, altering results in high-precision applications and causing damage to real-world equipment.

Researchers Uncover Fast16 Malware That Preceded Stuxnet
Meet fast16.sys, a sneaky kernel driver that intercepts and modifies executable code as it's read from disk, giving its creators unprecedented control over the storage stack and filesystem. This boot-start filesystem component was a game-changer in its time, and researchers are still unraveling its secrets.

Researchers Uncover 'fast16' Malware Targeting Engineering Software Years Before Stuxnet
Researchers have uncovered a long-forgotten malware, fast16, that was designed to sabotage engineering software, beating even the infamous Stuxnet by at least five years. This ancient cyber threat, dating back to 2005, was engineered to spread rapidly and produce inaccurate calculations across entire facilities.
New Trojan STX RAT Targets Finance Sector with Sophisticated Stealth Methods
Meet STX RAT, a sneaky new remote access trojan that's got its sights set on the finance sector, using advanced stealth methods and command-and-control capabilities to evade detection. This latest threat is a wake-up call for defenders, testing their readiness to respond to increasingly sophisticated attacks.