Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025
The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.
India-nexus cyber threat actors are growing more active and sophisticated, using custom tools coded in Rust and cloud-based command and control.
The China-linked advanced persistent threat (APT) group known as APT31 has been attributed to cyber attacks targeting the Russian information technology (IT) sector between 2024 and 2025 while staying undetected for extended periods of time
A Chinese APT is going where most APTs don't: deep into the cloud, compromising supply chains and deploying uncommon malware.
Cyber threats don't show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late
Government and telecommunications sectors in Southeast Asia have become the target of a "sophisticated" campaign undertaken by a new advanced persistent threat (APT) group called Earth Kurma since June 2024
An APT group dubbed Earth Kurma is actively targeting government and telecommunications organizations in Southeast Asia using advanced malware, rootkits, and trusted cloud services to conduct cyberespionage.
The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT's breach of its Exchange Online environment in 2023.
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on it all.
Google Mandiant's Jamie Collier on the Biggest Cloud Security ChallengesTo combat AI threats in 2025, security teams are set to enter the second phase of AI innovation in security by deploying semi-autonomous operations such as alert parsing, creation of high-priority item lists and risk remediation, said Jamie Collier, senior threat intelligence advisor at Mandiant.
The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. "On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based
Evidence Mounts for Chinese Hacking 'Quartermaster'A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign "Operation Digital Eye."
Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.
A professional-grade tool set, appropriately dubbed "CloudScout," is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info for exfiltration.
Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?
The newly discovered APT's main weapon is a malware tool that can change behavior depending on the process in which it is running.
A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration
Cybersecurity Researchers Detail Defenses Against Attackers Abusing Cloud ServicesWhile cybercriminals and advanced persistent threat groups have long abused legitimate internet services both to scale and disguise various types of attacks, a new report warns of a growing challenge posed by the illegitimate use of GitHub and offers essential defenses for users.
Halcyon said that Cloudzy has been playing a pivotal role in facilitating cyber-criminal activities