CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Kremlin-backed hackers have tried sabotage attacks against critical infrastructure in the Netherlands, the country's Military Intelligence and Security Service said in its annual report.
April 22nd, 2025 (about 2 months ago)
|
|
Description: ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia utilizing the tactic to breach networks. [...]
April 21st, 2025 (about 2 months ago)
|
|
Description: Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66.
The activity, detected since January 8, 2025, targeted organizations worldwide, according to a two-part analysis published by Trustwave SpiderLabs last week.
"Net
April 21st, 2025 (about 2 months ago)
|
|
Description: The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER.
"While the improved WINELOADER variant is still a modular backdoor used in later stages, GRAPELOADER is a newly observed initial-stage tool
April 20th, 2025 (about 2 months ago)
|
|
Description: Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. [...]
April 18th, 2025 (about 2 months ago)
|
|
Description: Explore how Iran is leveraging AI for cyberwarfare, influence ops, military tech, and domestic surveillance. A deep dive into Tehran’s top-down AI strategy, partnerships with China and Russia, and implications for global security.
April 17th, 2025 (about 2 months ago)
|
|
Description: Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025.
The phishing campaigns adopting the strategy have been attributed to clusters tracked as TA427 (aka Kimsuky), TA450 (aka MuddyWater,
April 17th, 2025 (about 2 months ago)
|
|
April 16th, 2025 (about 2 months ago)
|
|
Description: Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024.
While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point to
April 16th, 2025 (about 2 months ago)
|
|
Description: Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. [...]
April 15th, 2025 (2 months ago)
|