Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: In a sanctions package including more than 150 new measures, the British government said it was closing loopholes being exploited by the Kremlin.
April 24th, 2025 (about 1 month ago)
|
|
April 24th, 2025 (about 1 month ago)
|
|
Description: A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning. [...]
April 23rd, 2025 (about 1 month ago)
|
|
Description: Cybersecurity researchers have revealed that Russian military personnel are the target of a new malicious campaign that distributes Android spyware under the guise of the Alpine Quest mapping software.
"The attackers hide this trojan inside modified Alpine Quest mapping software and distribute it in various ways, including through one of the Russian Android app catalogs," Doctor Web said in an
April 23rd, 2025 (about 1 month ago)
|
|
Description: Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025.
The highly targeted social engineering operations, per Volexity, are a shift from previously documented attacks that leveraged a technique known as device code
April 23rd, 2025 (about 1 month ago)
|
|
Description: Russia-linked phishing attacks targeting NGOs with ties to Ukraine ask victims to join a video call, and result in them gaining access to Microsoft 365 accounts,
April 22nd, 2025 (about 1 month ago)
|
|
Description: Kremlin-backed hackers have tried sabotage attacks against critical infrastructure in the Netherlands, the country's Military Intelligence and Security Service said in its annual report.
April 22nd, 2025 (about 2 months ago)
|
|
Description: ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia utilizing the tactic to breach networks. [...]
April 21st, 2025 (about 2 months ago)
|
|
Description: Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66.
The activity, detected since January 8, 2025, targeted organizations worldwide, according to a two-part analysis published by Trustwave SpiderLabs last week.
"Net
April 21st, 2025 (about 2 months ago)
|
|
Description: The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER.
"While the improved WINELOADER variant is still a modular backdoor used in later stages, GRAPELOADER is a newly observed initial-stage tool
April 20th, 2025 (about 2 months ago)
|