A recent GitHub supply chain attack on March 17, 2025, compromised a GitHub Actions tool, affecting 23,000 organizations. This incident highlights the vulnerability of software development tools, with attackers altering code to leak secrets.
North Korean threat actors Slow Pisces, Alluring Pisces, and Contagious Interview—operating under the Reconnaissance General Bureau—have escalated global cyber operations since 2023, focusing on cryptocurrency theft and espionage. Their campaigns employ advanced social engineering..
Lotus Panda (aka Lotus Blossom, Spring Dragon, Billbug, Bronze Elgin, Bitterbug) is a Chinese state-sponsored APT group active since at least 2009, specializing in cyber espionage against Southeast Asian governments and critical sectors.
CryptoChameleon is an advanced phishing kit distributed via phishing-as-a-service platforms, enabling rapid, scalable attacks against cryptocurrency users, financial institutions, and related sectors...
SpyNote, BadBazaar, and MOONSHINE are prominent mobile malware families primarily targeting Android devices.