Netcrook

APT Campaigns

82 article(s)

GravityRAT Malware Evolves: Multi-Platform Espionage Targets India’s Defense and Government

🗓 06 Jan 2026 · 👤 AGONY · 🌍 Asia

GravityRAT, a Pakistan-linked cyber-espionage tool, has evolved to target Windows, Android, and macOS devices. With new stealth tactics and persistent campaigns against Indian defense and government agencies, the malware poses a growing threat across platforms.

Patchwork’s Stealth Attack: How ZIP Archives and MSBuild Bypassed Military Defenses

🗓 04 Jan 2026 · 👤 AGONY · 🌍 Asia

Patchwork’s latest campaign used ZIP archives and hidden MSBuild files to deliver Python malware to military targets, slipping past antivirus detection and deploying the stealthy StreamSpy Trojan.

Handala Alert: Unmasking the Resistance Group’s New Cyber Division

🗓 03 Jan 2026 · 👤 AGONY · 🌍 Middle-East

Handala’s new ‘Alert’ division promises to amplify digital resistance, raising stakes in the world of hacktivist warfare. Netcrook investigates the group’s strategy and what it means for future cyber threats.

Phantom PDFs and Persistent Spies: How RATs Are Breaching Indian Networks

🗓 02 Jan 2026 · 👤 AGONY · 🌍 Asia

Cyber-espionage groups are targeting Indian government and academia with advanced RATs, using weaponized PDFs and cunning shortcuts. Learn how these attacks work and why vigilance is more critical than ever.

Careto Hacker Group Returns: New Cyberattack Tactics Revealed

🗓 02 Jan 2026 · 👤 AGONY

The Careto hacker group, dormant for nearly a decade, has reemerged with sophisticated attack methods targeting high-value organizations. Investigators reveal new malware, novel persistence tricks, and a chilling reminder: some APTs never truly disappear.

The Mask Returns: Inside the Shadowy Revival of the Careto Hacker Syndicate

🗓 02 Jan 2026 · 👤 AGONY

The notorious Careto (The Mask) hacker group has reappeared after years of silence, unleashing advanced cyberattack methods and targeting high-value organizations. Discover how their technical evolution places them among the world's most formidable digital adversaries.

APT36’s Stealthy LNK File Attack: Inside the Latest Espionage Campaign Against Indian Government

🗓 31 Dec 2025 · 👤 AGONY · 🌍 Asia

APT36 is using weaponized Windows shortcut files in a sophisticated cyber-espionage campaign targeting Indian government systems. Discover how fileless malware, adaptive persistence, and deceptive tactics enable long-term, undetected access to sensitive data.

APT36’s Shortcut Scheme: How LNK Files Penetrated Indian Government Networks

🗓 31 Dec 2025 · 👤 AGONY · 🌍 Asia

APT36 has launched a sophisticated cyber-espionage campaign against Indian government targets, using disguised Windows shortcut (LNK) files to deliver fileless malware, evade antivirus detection, and steal sensitive data.

Chinese Hackers Deploy Stealth Rootkit: ToneShell Backdoor Targets Asian Governments

🗓 30 Dec 2025 · 👤 AGONY · 🌍 Asia

Chinese APT group HoneyMyte has unleashed a kernel-mode rootkit to mask its ToneShell backdoor, targeting government agencies in Southeast Asia. Using stolen certificates and memory-only execution, this campaign sets a new bar for stealth and persistence.

HoneyMyte’s ToneShell Rootkit: The Stealth Attack on Southeast Asian Governments

🗓 30 Dec 2025 · 👤 AGONY · 🌍 Asia

HoneyMyte (Mustang Panda) is using a stealthy rootkit and the ToneShell backdoor to infiltrate government systems in Southeast Asia, bypassing antivirus defenses and remaining nearly undetectable.
