FBI Disrupts Russian DNS Hijack Network Targeting Microsoft 365 Federal authorities have dismantled a Russian GRU DNS hijacking network that compromised 18,000 routers across 120 countries to steal Microsoft 365 credentials.

winbuzzer.com/2026/04/10/f...

FBI Disrupts Russian DNS Hijack Network Targeting Microsoft 365

#Microsoft #Microsoft365 #Russia #Routers #Cybersecurity #CyberThreats #Malware #Cyberespionage #Hackers #MicrosoftSecurity #ThreatActors #Hacking #SecurityThreats #Authentication #Cyberattacks

Webinar: From noise to signal - What threat actors are targeting next BleepingComputer will host a live webinar on April 30, 2026 exploring how threat actors leave observable signals across dark web forums, Telegram channels, and access broker marketplaces before launching attacks. Speakers from RansomLook and Flare Systems will explain how to identify meaningful chatter, track shifting attacker tactics, and turn external threat intelligence into prioritized defensive actions. #RansomLook #FlareSystems

On April 30, 2026, experts from RansomLook and Flare Systems will discuss how threat actors expose plans through dark web, Telegram, and marketplaces. Learn to decode signals and track evolving attacker tactics. #DarkWebIntel #ThreatActors

A Look Back at 11 of the Red Report 2026 Featured Threats Picus Security's Red Report 2026 analysis examined 11 attacks that illustrated six of the top 10 MITRE ATT&CK techniques abused in 2025, linking specific groups and malware to tactics such as process injection, scripting interpreters, masquerading, credential theft, and firewall manipulation. Follow-up IOC analysis of 147 network indicators (104 domains, 26 subdomains, 17 IPs) revealed mass bulk-registrations, early signs of malicious intent for many domains, and thousands of email- and client-connected domains and IPs tied to the campaigns #XLoader #EarthAmmit

Picus highlights 11 top ATT&CK techniques and notable threats from 2025, including STATICPLUGIN, SadBridge Loader, XLoader variants, APT36, and Kubernetes cryptojacking with 147 network IoCs analyzed. #ThreatActors #MalwareAnalysis #APT36

IOC overlap from axios attack und WAVESHAPER.

It appears highly probably that #DPRK was behind the #axios attack! (IOC comparison by x.com/dez_) A further noteworthy detail is that the #threatactors compromised the website npm.org (National Association of Pastoral Musicians) so they could host their #payloads on packages.npm.org! #cyber

Bearlyfy Targets 70+ Firms With Ransomware
Read More: buff.ly/2rcEOH9

#Bearlyfy #GenieLocker #RansomwareAttack #Hacktivism #CyberExtortion #RussiaCyber #ThreatActors #InfosecAlert

Telegram's Crackdown Changed How Threat Actors Act, But Not Where They Act Telegram ramped up moderation dramatically in 2025, removing over 43 million channels and groups, but enforcement produced containment rather than eradication as criminal ecosystems adapted. Continuous monitoring, dynamic detection, and rapid remediation remain essential for security teams to track resilient threat actor activity. #Telegram #CheckPointSoftware

Telegram removed over 43M channels in 2025, yet threat actors quickly resurfaced using gated access and backup channels. Enforcement contained but didn’t eradicate criminal networks. #TelegramModeration #ThreatActors #Russia

Justice Dept Seizes Iran Hacker Domains
Read More: buff.ly/O1LPc6w

#DOJ #DomainSeizure #IranCyber #CyberEspionage #ThreatActors #HarassmentCampaign #MedicalDeviceSecurity #InfosecNews

EU Sanctions Chinese And Iranian Firms
Read More: buff.ly/WmnIbLP

#EUSanctions #CyberSanctions #ChinaCyber #IranCyber #CriticalInfrastructure #CyberDiplomacy #ThreatActors #InfosecNews

Hackers Claim China Supercomputing Breach
Read More: buff.ly/JmvkRST

#ChinaCyber #Supercomputing #DataExfiltration #Monero #CyberEspionage #ThreatActors #HackerForums #InfosecNews

GitHub - spmedia/Threat-Actor-Usernames-Scrape: A collection of intel and usernames scraped from various cybercrime sources & forums. DarkForums, HackForums, Patched, Cracked, BreachForums, LeakBase, ... A collection of intel and usernames scraped from various cybercrime sources & forums. DarkForums, HackForums, Patched, Cracked, BreachForums, LeakBase, XSS, Dread, & more - spmedia/Threat-A...

500k+ threat actor usernames atm and quickly growing.

Should be able to hit 1M+ in 2026 :)

#cti #threatintel #osint #infosec #cybersecurity #hacking #threatactors #usernames #darkforums #hackforums #dread #oguser #xss #darknetarmy #ogu #leakbase #breachstars

github.com/spmedia/Thre...

US Charges BlackCat Ransomware Negotiator
Read More: buff.ly/jSzlALt

#BlackCat #ALPHV #RansomwareNegotiation #DOJCharges #CybercrimeCollusion #DigitalMint #ThreatActors #Infosec

Attackers Exploit FortiGate Devices
Read More: buff.ly/AeHDXlC

#FortiGate #Fortinet #NetworkSecurity #CredentialHarvesting #LateralMovement #CriticalInfrastructure #ThreatActors #InfosecAlert

Foreign Hacker Breached Epstein FBI Files
Read More: buff.ly/69ViVVV

#FBIbreach #CyberEspionage #SensitiveData #FederalInvestigation #NationalSecurity #CyberIntrusion #InfosecNews #ThreatActors

UNC4899 Hits Crypto Firm via Trojan
Read More: buff.ly/wEph0mD

#UNC4899 #NorthKoreaCyber #CryptoBreach #CloudCompromise #SocialEngineering #ThreatActors #BlockchainSecurity #Infosec

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the company, involves the exploitation of customers' overly permissive Experience Cloud guest user configurations to obtain access to sensitive

iT4iNT SERVER Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool VDS VPS Cloud #Salesforce #CyberSecurity #DataBreach #ThreatActors #AuraInspector

Russian Hackers Target Dutch Messaging
Read More: buff.ly/KgVOsSW

#RussiaCyber #SignalSecurity #WhatsAppSecurity #AccountHijacking #SocialEngineering #DutchIntelligence #CyberEspionage #ThreatActors

APT28 Uses Webhook Macro Malware
Read More: buff.ly/X04DuP0

#APT28 #OperationMacroMaze #MacroMalware #WebhookAbuse #RussiaCyber #SpearPhishing #CyberEspionage #ThreatActors

North Korean cyber actors intensify attacks with fake IT worker schemes and Contagious Interview tactics, targeting developers and tech firms. Stay alert! #CyberSecurity #ThreatActors #NorthKorea Link: thedailytechfeed.com/north-korean...

winbuzzer.com/2026/02/23/n...

Nigeria Scam Ring Busted: Seven Arrested After Meta Tip-Off

#Cybersecurity #Facebook #Instagram #WhatsApp #SocialMedia #MetaInc #Meta #BigTech #Cybercrime #Scams #Cryptocurrency #OnlineSafety #Fraud #UK #Nigeria #ThreatIntelligence #ThreatActors

MuddyWater Hits Mena With GhostFetch
Read More: buff.ly/xUXVvIx

#MuddyWater #OperationOlalampo #GhostFetch #IranCyber #CyberEspionage #MENAcyber #ThreatActors #MalwareCampaign

GAYINT Threat Actor Crosswalk Legitimate Threat Actor Names and Their Lame Industry Equivalents.

Here is a list of the @gayint updated and modernised APT group identifiers

https://blog.gayint.org/threatActorCrosswalk.html

I'm just a little disappointed there isn't a MOIST FLANGE or NEON CAPYBARA APT as yet 😉

winbuzzer.com/2026/02/19/f...

Fake CAPTCHA Trick Installs StealC on Windows PCs

#Windows #Security #Cybersecurity #StealC #Malware #Cybercrime #Hackers #WindowsSecurity #PowerShell #Scams #DataTheft #ThreatActors #CyberThreats #Cyberattacks #MicrosoftOutlook #Steam #Cryptocurrency

Count on it.
That silence will be the scariest part. Why wouldn’t it be like this? The path of least resistance. Lazy makes easy for the nosy.
This is a cute story.
#Cyber #CyberSecurity #AI
#Foreign #ThreatActors
youtu.be/r_rPkQ4Pzis?...

Top 3 Threat Actors Targeting the Insurance Industry Threat actors are increasingly targeting the insurance industry. Understand the tactics these groups use with analysis from Outpost24.

𝗧𝗼𝗽 𝟯 𝗧𝗵𝗿𝗲𝗮𝘁 𝗔𝗰𝘁𝗼𝗿𝘀 𝗧𝗮𝗿𝗴𝗲𝘁𝗶𝗻𝗴 the #InsuranceIndustry

New insights on our blog. Read here: buff.ly/9fvnAVl

#ThreatActors #CyberThreat #CyberSecurity

Threat Actors Turn to LLMs to Enhance Attacks, Google Says Threat actors are increasinly relying on large language models (LLMs) to plan and execute cyber-attacks, new search from Google has found.

Threat actors are increasinly relying on large language models (LLMs) to plan and execute cyber-attacks, new search from Google Threat Intelligence Group (GTIG) has found.

Full story
www.digit.fyi/threat-actor...

#Tech | #News | #LLMs | #AI | #ThreatActors | #Cybersecurity

Google: Nation-State Hackers are Weaponizing Gemini AI for Cyberattacks Google has reported that nation-state hackers are weaponizing Gemini AI across every stage of cyberattacks, conducting reconnaissance and building novel malware frameworks.

winbuzzer.com/2026/02/13/n...

Google: Nation-State Hackers are Weaponizing Gemini AI for Cyberattacks

#AI #GoogleGemini #Google #Cybersecurity #GenAI #GoogleThreatIntelligenceGroup #ThreatActors #ThreatIntelligence #NorthKorea #Russia #China #Iran #Malware #Cybercrime

RAMP is dead , TIER-ONE is Alive

#threatactors #threatintel #ransomware

Police Arrest Seller Of JokerOTP Tool
Read More: buff.ly/kazEEpJ

#JokerOTP #MFABypass #PhishingAutomation #CybercrimeArrest #NetherlandsPolice #FinancialFraud #ThreatActors #InfosecNews

North Korean Operatives Impersonate Real Professionals on LinkedIn, the Security Alliance Warns North Korean threat actors are impersonating real professionals on LinkedIn to infiltrate companies by applying to remote roles.

Full Article: www.technadu.com/north-korean...

How is your organization verifying remote candidates and professional identities?
Comment your opinion below.
#CyberSecurity #SocialEngineering #DPRK #ThreatActors #LinkedIn #CyberEspionage #InfoSec

China-Linked DKnife Targets Routers
Read More: buff.ly/0Lsz62q

#DKnife #ChinaCyber #EdgeDeviceSecurity #RouterAttacks #AdversaryInTheMiddle #NetworkSecurity #ThreatActors #CyberEspionage