The North Korean Kimsuky group has targeted think tanks, academic institutions and news media organizations in order to steal their credentials and gather intelligence.
The Lazarus Group has been compromising vulnerable IIS servers in an ongoing campaign.
A new macOS malware, called "RustBucket," is used in a multi-stage attack.
Google's elite Threat Analysis Group has revealed more details of the North Korean APT43 group, which is refers to as Archipelago.
A backdoor named Gopuram used by the Lazarus Group has been found in a small number of environments compromised in the 3CX supply chain attack.