North Korea's Konni Group Hijacks KakaoTalk to Spread EndRAT Malware (1 minute read)
Konni actors used spear-phishing to compromise victims, then leveraged their KakaoTalk accounts to push malware to contacts.
Iran-linked actors hit a medical technology firm in what analysts call a preview of more aggressive cyber operations as regional conflict intensifies.
Beijing grants Tajikistan $61M to build nine border posts as attacks on Chinese nationals escalate.
Iran deployed an Intune-based wiper against medical device maker Stryker; Qihoo 360's AI leaked its own TLS private key.
Xi Jinping has removed five of six Central Military Commission generals since 2022, including top general Zhang Youxia.
Israel struck Tehran and reportedly targeted Ali Larijani, Secretary of Iran's Supreme National Security Council. The strike marks a dramatic escalation in direct Israeli military action inside Iran.
Central Asian states rely heavily on Iranian transit corridors as their primary path to global maritime trade.
Russia is running hybrid operations to destabilize Armenia ahead of elections and block its westward shift. U.S. and EU support is deemed critical to Armenia holding a free democratic vote.
Russia's proposed 'Dmitriev package' offers economic reintegration in exchange for sanctions relief and financial system access.
China's annual Two Sessions meeting unveiled the 15th Five-Year Plan, outlining economic and political direction to 2030.
Beijing risks a severe oil crunch if Iran-linked Hormuz disruptions materialize amid fragile US-China diplomacy. China's energy dependency on Gulf routes is a critical geopolitical vulnerability.
CISA acting director Nick Andersen says interagency relationships, not formal lead-agency designations, should drive critical infrastructure protection.
Japan's government approved Self-Defense Force offensive cyber operations effective October 1st, a historic shift from purely defensive posture.
The EU sanctioned Emennet Pasargad, an Iranian state-linked front company, for cyberattacks including election interference and the Charlie Hebdo breach.
The EU Council sanctioned three entities and two individuals linked to cyberattacks on European critical infrastructure.
Lazarus group hackers breached crypto e-commerce platform Bitrefill, exfiltrating emails, crypto addresses, and IP metadata on 18,500 customers.
Medusa ransomware gang claims attacks on Mississippi's largest hospital and a New Jersey county, causing nine days of outage. Critical healthcare infrastructure remains a prime ransomware target.
LeakNet ransomware gang uses ClickFix social engineering for initial access and a Deno-based loader to evade detection.
BeyondTrust researchers found Amazon Bedrock AgentCore, LangSmith, and SGLang allow DNS-based data exfiltration and remote code execution.
CISA warns multiple vulnerabilities in Siemens SICAM SIAPP SDK allow denial of service, data corruption, and simulation environment exploitation.