Google Disrupts IPIDEA Residential Proxy Network
Google researchers observed more than 550 individual threat groups using IPIDEA exit nodes during a one-week period earlier this month.
Exploitation of CVE-2025-8088 in the wild began before disclosure, with attacks confirmed as early as July 18, 2025.
This activity shares some similarities with a campaign that researchers at Arctic Wolf identified in December. That campaign started soon after Fortinet disclosed two authentication bypass flaws (CVE-2025-59718 and CVE-2025-59719).
Active since at least 2022, UAT-7290 demonstrates a significant capacity for conducting deep-seated espionage while simultaneously functioning as an initial access group.
Amazon researchers highlighted a "tactical pivot" by Russian GRU hackers who have been moving away from zero-day and N-day exploitation.
The vulnerability was disclosed publicly on Dec. 3, and researchers and threat intelligence teams immediately began seeing opportunistic and targeted exploitation attempts.