Threat Intelligence
-
Threats
Ghostwriter Update: Cyber Espionage Group UNC1151 Likely Conducts Ghostwriter Influence Activity
In July 2020, Mandiant Threat Intelligence released a public report detailing an ongoing influence campaign we named “Ghostwriter.” Ghostwriter is…
-
Threats
Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise
In March 2021, Mandiant Managed Defense identified three zero-day vulnerabilities in SonicWall’s Email Security (ES) product that were being exploited…
-
Phishing
Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE
At least two government-backed actors — including one Russian group — used the now-patched flaws in separate campaigns, Google says.…
-
Breaches
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
Ravie LakshmananMar 30, 2026Threat Intelligence / Browser Security A new campaign has leveraged the ClickFix social engineering tactic as a…
-
Breaches
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
Ravie LakshmananMar 27, 2026Threat Intelligence / Vulnerability A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber…
-
Breaches
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support…
-
Breaches
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
Ravie LakshmananFeb 24, 2026Threat Intelligence / Healthcare The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed…
-
Breaches
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise…
-
Breaches
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware
Ravie LakshmananFeb 20, 2026Malware / Threat Intelligence Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised…
-
Threats
Forced Chrome extensions get removed, keep reappearing
Malwarebytes found a family of forced Chrome extensions that can’t be removed because of a policy change that tells users…
- 1
- 2
English
العربية
简体中文
Nederlands
Français
Deutsch
Italiano
Қазақ тілі
Кыргызча
Latviešu valoda
Lietuvių kalba
Português
Русский
Српски језик
Slovenčina
Slovenščina
Español
Türkçe
Українська
O‘zbekcha