Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Explore how Iran is leveraging AI for cyberwarfare, influence ops, military tech, and domestic surveillance. A deep dive into Tehran’s top-down AI strategy, partnerships with China and Russia, and implications for global security.
April 17th, 2025 (about 8 hours ago)
|
|
Description: Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025.
The phishing campaigns adopting the strategy have been attributed to clusters tracked as TA427 (aka Kimsuky), TA450 (aka MuddyWater,
April 17th, 2025 (about 9 hours ago)
|
|
April 16th, 2025 (1 day ago)
|
|
Description: Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024.
While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point to
April 16th, 2025 (1 day ago)
|
|
Description: Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. [...]
April 15th, 2025 (2 days ago)
|
|
Description: Russia-backed APT29's latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages — errr, victims — and delivers a novel backdoor, GrapeLoader.
April 15th, 2025 (2 days ago)
|
|
Description: Sir Thomas Drew — previously a top official in the Foreign Office and a key figure in Britain's response to Russia's invasion of Ukraine — will be the U.K.'s ambassador to France as the two countries prepare to work more closely on security issues.
April 14th, 2025 (3 days ago)
|
|
|
Description: The threat actor, also known as Goffee, has been active since at least 2022 and has changed its tactics and techniques over the years while targeting Russian organizations.
April 11th, 2025 (6 days ago)
|
|
Description: A cyber-espionage campaign aimed at Russia has added malware that specifically targets flash drives, analysts at Kaspersky said.
April 11th, 2025 (6 days ago)
|
|
Description: The threat actor known as Paper Werewolf has been observed exclusively targeting Russian entities with a new implant called PowerModul.
The activity, which took place between July and December 2024, singled out organizations in the mass media, telecommunications, construction, government entities, and energy sectors, Kaspersky said in a new report published Thursday.
Paper Werewolf, also known
April 11th, 2025 (6 days ago)
|