Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
Description: The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER. "While the improved WINELOADER variant is still a modular backdoor used in later stages, GRAPELOADER is a newly observed initial-stage tool
Source: TheHackerNews
April 20th, 2025 (about 14 hours ago)
Chinese hackers target Russian govt with upgraded RAT malware
Description: Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. [...]
Source: BleepingComputer
April 18th, 2025 (2 days ago)
Iran’s AI Ambitions: Balancing Economic Isolation with National Security Imperatives
Description: Explore how Iran is leveraging AI for cyberwarfare, influence ops, military tech, and domestic surveillance. A deep dive into Tehran’s top-down AI strategy, partnerships with China and Russia, and implications for global security.
Source: RecordedFuture
April 17th, 2025 (3 days ago)
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns
Description: Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025. The phishing campaigns adopting the strategy have been attributed to clusters tracked as TA427 (aka Kimsuky), TA450 (aka MuddyWater,
Source: TheHackerNews
April 17th, 2025 (3 days ago)
Russians lure European diplomats into malware trap with wine-tasting invite
Source: TheRegister
April 16th, 2025 (4 days ago)
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
Description: Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024. While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point to
Source: TheHackerNews
April 16th, 2025 (4 days ago)
Midnight Blizzard deploys new GrapeLoader malware in embassy phishing
Description: Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. [...]
Source: BleepingComputer
April 15th, 2025 (5 days ago)
Wave of Wine-Inspired Phishing Attacks Targets EU Diplomats
Description: Russia-backed APT29's latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages — errr, victims — and delivers a novel backdoor, GrapeLoader.
Source: Dark Reading
April 15th, 2025 (5 days ago)
UK appoints security and intelligence specialist as ambassador to France
Description: Sir Thomas Drew — previously a top official in the Foreign Office and a key figure in Britain's response to Russia's invasion of Ukraine — will be the U.K.'s ambassador to France as the two countries prepare to work more closely on security issues.
Source: The Record
April 14th, 2025 (6 days ago)
Paper Werewolf Threat Actor Targets Flash Drives With New Malware
Description: The threat actor, also known as Goffee, has been active since at least 2022 and has changed its tactics and techniques over the years while targeting Russian organizations.
Source: Dark Reading
April 11th, 2025 (9 days ago)