Tag: group

Suspected Russian hackers deploy CANFAIL malware against Ukraine

Feb 14, 2026 12:58 PM

Tags: apt, attack, defense, google, government, group, hacker, intelligence, malware, military, russia, service, threat, ukraine

A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL malware. Google Threat Intelligence Group identified a previously undocumented threat actor behind attacks on Ukrainian organizations using CANFAIL malware. The group is possibly linked to Russian intelligence services and has targeted defense, military, government, and energy entities at both regional…
Critical BeyondTrust RS vulnerability exploited in active attacks

Feb 14, 2026 1:58 AM

Tags: access, attack, authentication, computer, exploit, github, group, hacker, injection, network, ransomware, saas, software, tool, update, vulnerability

remote access.exe and others.”The attackers also managed to create domain accounts using the net user command and then added them to administrative groups such as “enterprise admins” or “domain admins.”The AdsiSearcher tool was used to search the Active Directory environment for other computers and PSexec was used to install SimpleHelp on multiple devices.The researchers also…
New threat actor UAT-9921 deploys VoidLink against enterprise sectors

Feb 13, 2026 11:58 PM

Tags: attack, cisco, finance, framework, group, service, technology, threat

A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial organizations, Cisco Talos reports. Cisco Talos spotted a previously unknown threat actor, tracked as UAT-9921, using a new modular attack framework called VoidLink. The group targets organizations in the technology and financial services sectors. The flexible design of VoidLink suggests…
Fintech lending giant Figure confirms data breach

Feb 13, 2026 10:58 PM

Tags: breach, data, data-breach, fintech, group, hacker, hacking

The company said hackers downloaded “a limited number of files” after breaking into an employee’s account. The hacking group ShinyHunters took responsibility for the breach. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/13/fintech-lending-giant-figure-confirms-data-breach/
Ransomware Groups Claimed 2,000 Attacks in Just Three Months

Feb 13, 2026 7:58 PM

Tags: attack, breach, group, ransomware, supply-chain

Ransomware attacks surged 52% in 2025, with supply chain breaches nearly doubling as groups like Qilin drive record monthly incidents worldwide. The post Ransomware Groups Claimed 2,000 Attacks in Just Three Months appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-ransomware-attacks-surge-2025/
Nation-State Hackers Put Defense Industrial Base Under Siege

Feb 13, 2026 6:58 PM

Tags: china, defense, espionage, group, hacker, russia, zero-day

Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors’ networks. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/nation-state-hackers-defense-industrial-base-under-siege
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

Feb 13, 2026 6:58 PM

Tags: attack, defense, google, government, group, intelligence, malware, military, russia, threat, ukraine

A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL.Google Threat Intelligence Group (GTIG) described the hack group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have targeted defense, military, government, and energy organizations within the Ukrainian regional and First seen on…
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

Feb 13, 2026 6:58 PM

Tags: china, cyber, defense, google, group, intelligence, iran, korea, north-korea, russia, threat

Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to findings from Google Threat Intelligence Group (GTIG).The tech giant’s threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking defense…
Senegalese Data Breaches Expose Lack of Security Maturity

Feb 13, 2026 3:58 PM

Tags: breach, data, group

Green Blood Group steals personal records and biometric data of the West African nation’s nearly 20 million residents. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/hackers-breach-senegal-national-biometric-database
Google fears massive attempt to clone Gemini AI through model extraction

Feb 13, 2026 1:58 PM

Tags: access, ai, api, attack, china, ciso, cybercrime, cybersecurity, defense, exploit, google, government, group, hacker, intelligence, iran, jobs, korea, LLM, malicious, malware, north-korea, phishing, russia, service, social-engineering, threat, vulnerability

Nation-state groups used Gemini to accelerate attack operations: Google sees itself not just as a potential victim of AI cybercrime, but also an unwilling enabler. Its report documented how government-backed threat actors from China, Iran, North Korea, and Russia integrated Gemini into their operations in late 2025. The company said it disabled accounts and assets…
state-backed hackers exploit Gemini AI for cyber recon and attacks

Feb 13, 2026 12:59 PM

Tags: ai, apt, attack, cyber, exploit, google, group, hacker

Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks aimed at stealing AI intellectual property, which Google has detected and blocked. While APT groups have not breached frontier models, private firms and researchers have tried to…
Chrome Extensions Infect 500K Users to Hijack VKontakte Accounts

Feb 13, 2026 12:59 PM

Tags: browser, chrome, cyber, group, infrastructure, malware, threat, tool

A long-running Chrome extension malware campaign has silently hijacked more than 500,000 VKontakte (VK) accounts, forcing users into attacker-controlled groups, resetting their settings every 30 days, and abusing VK’s own infrastructure as command-and-control. What appeared to be harmless VK customization tools were in reality a tightly maintained malware project operated by a single threat actor…
Top Security Incidents of 2025: The Emergence of the ChainedShark APT Group

Feb 13, 2026 11:58 AM

Tags: apt, china, cyber, group, international, network, security-incident, technology

In 2025, NSFOCUS Fuying Lab disclosed a new APT group targeting China’s scientific research sector, dubbed “ChainedShark” (tracking number: Actor240820). Been active since May 2024, the group’s operations are marked by high strategic coherence and technical sophistication. Its primary targets are professionals in Chinese universities and research institutions specializing in international relations, marine technology, and related…The…
Adversaries Exploiting Proprietary AI Capabilities, API Traffic to Scale Cyberattacks

Feb 13, 2026 9:58 AM

Tags: ai, api, cyberattack, exploit, google, group, intelligence, malware, phishing, threat

In the fourth quarter of 2025, the Google Threat Intelligence Group (GTIG) reported a significant uptick in the misuse of artificial intelligence by threat actors. According to GTIG’s AI threat tracker, what initially appeared as experimental probing has evolved into systematic, repeatable exploitation of large language models (LLMs) to enhance reconnaissance, phishing, malware development, and post-compromise…
BADIIS Malware Targets Over 1,800 Windows Servers in Massive SEO Poisoning Attack

Feb 13, 2026 6:58 AM

Tags: attack, china, cyber, cybercrime, group, malicious, malware, windows

Over 1,800 Windows IIS servers worldwide have been compromised in a large-scale search engine optimization (SEO) poisoning campaign driven by the BADIIS malware, a malicious IIS module used to hijack legitimate web traffic. The operation, tracked by Elastic Security Labs as REF4033, is attributed to a Chinese-speaking cybercrime group that monetizes these compromised servers by…
Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with >>Graphalgo<< Malware

Feb 13, 2026 1:58 AM

Tags: crypto, group, jobs, lazarus, malware

The post Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with >>Graphalgo<< Malware appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/dream-job-or-nightmare-lazarus-group-hunts-crypto-devs-with-graphalgo-malware/
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Feb 12, 2026 7:58 PM

Tags: ai, attack, cyber, google, group, hacker, hacking, intelligence, korea, north-korea, threat, tool

Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction…
Nation-state hackers ramping up use of Gemini for target reconnaissance, malware coding, Google says

Feb 12, 2026 3:58 PM

Tags: ai, apt, google, group, hacker, malware, tool, vulnerability

Researchers found that APT groups were using the AI tool for coding and scripting tasks, gathering information about potential targets, researching publicly known vulnerabilities and enabling post-compromise activities. First seen on therecord.media Jump to article: therecord.media/nation-state-hackers-using-gemini-for-malicious-campaigns
Nation-state hackers ramping up use of Gemini for target reconnaissance, malware coding, Google says

Feb 12, 2026 3:58 PM

Tags: ai, apt, google, group, hacker, malware, tool, vulnerability

Researchers found that APT groups were using the AI tool for coding and scripting tasks, gathering information about potential targets, researching publicly known vulnerabilities and enabling post-compromise activities. First seen on therecord.media Jump to article: therecord.media/nation-state-hackers-using-gemini-for-malicious-campaigns
Nation-state hackers ramping up use of Gemini for target reconnaissance, malware coding, Google says

Feb 12, 2026 3:58 PM

Tags: ai, apt, google, group, hacker, malware, tool, vulnerability

Researchers found that APT groups were using the AI tool for coding and scripting tasks, gathering information about potential targets, researching publicly known vulnerabilities and enabling post-compromise activities. First seen on therecord.media Jump to article: therecord.media/nation-state-hackers-using-gemini-for-malicious-campaigns
Nation-state hackers ramping up use of Gemini for target reconnaissance, malware coding, Google says

Feb 12, 2026 3:58 PM

Tags: ai, apt, google, group, hacker, malware, tool, vulnerability

Researchers found that APT groups were using the AI tool for coding and scripting tasks, gathering information about potential targets, researching publicly known vulnerabilities and enabling post-compromise activities. First seen on therecord.media Jump to article: therecord.media/nation-state-hackers-using-gemini-for-malicious-campaigns
DragonForce Ransomware Group Targets 363 Companies, Expands Cartel-Like Operations Since 2023

Feb 12, 2026 2:58 PM

Tags: cyber, cybercrime, group, ransomware, service, threat

DragonForce is a ransomware group that has rapidly evolved into a cartel-style operation, extending its reach across the cybercrime ecosystem since late 2023. Operating under a Ransomware-as-a-Service (RaaS) model, the group now positions itself not just as a single gang, but as a platform for other threat actors and affiliate crews. Over time, the group shifted from…
World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks

Feb 12, 2026 2:58 PM

Tags: attack, cybersecurity, extortion, group, leak, malware, ransomware

Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/world-leaks-ransomware-rustyrocket/
Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPs

Feb 12, 2026 12:59 PM

Tags: attack, credentials, cyber, cybercrime, group, threat, vmware

The cybercrime group Muddled Libra (aka Scattered Spider, UNC3944). The contents of this rogue VM and activity from the attack provide valuable insight into the operational playbook of this threat actor. This single VM acted as the attackers’ beachhead, revealing a detailed, step-by-step view of how the group conducts reconnaissance, steals credentials, and moves laterally…
Senegalese Data Breaches Expose Lack of ‘Security Maturity’

Feb 12, 2026 10:58 AM

Tags: breach, data, group

Green Blood Group steals personal records and biometric data of the West African nation’s nearly 20 million residents. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/hackers-breach-senegal-national-biometric-database
Google says hackers are abusing Gemini AI for all attacks stages

Feb 12, 2026 8:58 AM

Tags: access, ai, api, attack, google, group, hacker, intelligence, threat

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to systematically probe models and replicate their logic and reasoning. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-says-hackers-are-abusing-gemini-ai-for-all-attacks-stages/
Google says hackers are abusing Gemini AI for all attacks stages

Feb 12, 2026 8:58 AM

Tags: access, ai, api, attack, google, group, hacker, intelligence, threat

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to systematically probe models and replicate their logic and reasoning. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-says-hackers-are-abusing-gemini-ai-for-all-attacks-stages/
Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread Malware

Feb 12, 2026 8:58 AM

Tags: cyber, github, group, lazarus, malware, pypi, software, supply-chain

Lazarus Group’s latest software supply chain operation is using fake recruiter lures and popular open”‘source ecosystems to deliver malware to cryptocurrency”‘focused developers quietly. The campaign, dubbed graphalgo, abuses GitHub, npm, and PyPI to hide multi”‘stage payloads behind seemingly legitimate coding tasks and packages. Since early May 2025, attackers have been approaching JavaScript and Python developers via…
Apple 0-Day Flaw Actively Exploited in Targeted Cyberattacks on Individuals

Feb 12, 2026 6:58 AM

Tags: apple, cve, cyber, cyberattack, exploit, flaw, google, group, hacker, threat, update, vulnerability, zero-day

Apple has released emergency security updates for iOS and iPadOS to fix a critical >>zero-day<>extremely sophisticated<< cyberattacks targeting specific individuals. The Critical Flaw: CVE-2026-20700 The vulnerability […] The post Apple 0-Day Flaw Actively Exploited in Targeted Cyberattacks on Individuals appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on…
0APT ransomware group rises swiftly with bluster, along with genuine threat of attack

Feb 11, 2026 11:58 PM

Tags: attack, group, ransomware, threat

Most signs suggest the group is running a massive hoax by claiming hundreds of initial victims, but at least some of the threat 0APT poses is grounded in truth backed by proven capabilities. First seen on cyberscoop.com Jump to article: cyberscoop.com/0apt-ransomware-group-hoax-technical-capabilities/