Lazarus Group's Cryptocurrency Heists: Bybit, BingX, and Phemex Under Siege
The Lazarus Group has intensified its focus on cryptocurrency exchanges, executing high-profile hacks on Bybit...
Read more
Golden Chickens’ Modular MaaS: TerraStealerV2, TerraLogger, and the Evolving Threat to Financial and Recruitment Sectors
Golden Chickens (aka Venom Spider) is a financially motivated Eastern European threat actor operating a modular malware-as-a-service (MaaS) platform since at least 2017..
TheWizards APT: IPv6 SLAAC Spoofing, Spellbinder Malware, and Advanced Lateral Movement in Asia and the Middle East
TheWizards is a China-aligned APT group, active since at least 2022, specializing in espionage and influence operations across Asia and the Middle East. Their hallmark is the use of IPv6 SLAAC spoofing to hijack legitimate software update mechanisms—most notably Tencent QQ..
PurpleHaze’s Dynamic ORB Networks: Advanced Tactics, Detection Challenges, and Mitigation Strategies
PurpleHaze, an emerging Chinese state-sponsored threat group, operates highly dynamic multi-hop ORB networks that blend compromised IoT devices (notably SOHO routers with vulnerable firmware) and provisioned VPS to obscure command-and-control (C2) infrastructure.
DPRK's Evolving Cyber Arsenal: Overlapping Malware, Supply Chain Attacks, and Social Engineering in Cryptocurrency and Developer Sectors
North Korean threat actors Slow Pisces, Alluring Pisces, and Contagious Interview—operating under the Reconnaissance General Bureau—have escalated global cyber operations since 2023, focusing on cryptocurrency theft and espionage. Their campaigns employ advanced social engineering..