Campaign 2024     2026(5)  2025(58)  2024(58)  2023(1)  2022(0)

DATE

NAME

INFO

CATEGORY

SUBCATE

2024 (RMM) tools Spam campaign targeting Brazil abuses Remote Monitoring and Management tools

CAMPAIGN

PHISHING
2024 FreeDrain FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network

CAMPAIGN

PHISHING
2024

Pahalgam Attack themed

Advisory: Pahalgam Attack themed decoys used by APT36 to target the Indian Government

CAMPAIGN

APT

2024 Hive0117 New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware

CAMPAIGN

PHISHING
2024 DeceptionAds “DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising

CAMPAIGN

MALWARETISING
2024 HubPhish Effective Phishing Campaign Targeting European Companies and Organizations

CAMPAIGN

Phishing
2024 Drops Zbot Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware

CAMPAIGN

RANSOMWARE
2024 Earth Kasha Spear Guess Who’s Back - The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024

CAMPAIGN

PHISHING
2024 Secret Blizzard Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage

CAMPAIGN

ESPIONAGE
2024

Dream Job

Iranian “Dream Job” Campaign 11.24

CAMPAIGN

CAMPAIGN

2024

VEILDrive 

Unmasking VEILDrive: Threat Actors Exploit Microsoft Services for C2

CAMPAIGN

EXPLOIT

2024

CopyRh(ight)adamantys

CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits

CAMPAIGN

EXPLOIT

2024

Typosquat 

Typosquat Campaign Targeting npm Developers

CAMPAIGN

MALWARE

2024 Rampant Phishing You’re Invited: Rampant Phishing Abuses Eventbrite

CAMPAIGN

PHISHING
2024 Gun Campaign TeamTNT’s Docker Gatling Gun Campaign

CAMPAIGN

CAMPAIGN
2024 ClickFix ClickFix tactic: The Phantom Meet

CAMPAIGN

SOCIAL
2024 SilentSelfie SilentSelfie: Uncovering a major watering hole campaign against Kurdish websites

CAMPAIGN

CAMPAIGN
2024 SloppyLemming Unraveling SloppyLemming’s Operations Across South Asia

CAMPAIGN

Crypto
2024 Salt Typhoon China's 'Salt Typhoon' Cooks Up Cyberattacks on US ISPs

CAMPAIGN

ISP
2024 Earth Baxia Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC

CAMPAIGN

PHISHING
2024 Vanilla Tempest Highway Blobbery: Data Theft using Azure Storage Explorer

CAMPAIGN

Ransomware
2024 Storm clouds Storm clouds on the horizon: Resurgence of TeamTNT?

CAMPAIGN

CAMPAIGN
2024 Proxyjacking From Automation to Exploitation: The Growing Misuse of Selenium Grid for Cryptomining and Proxyjacking

CAMPAIGN

CRYPTOCURRENCY
2024 Crimson Palace Crimson Palace returns: New Tools, Tactics, and Targets

CAMPAIGN

APT
2024 Earth Preta Earth Preta Evolves its Attacks with New Malware and Strategies

CAMPAIGN

APT
2024 Voldemort The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers “Voldemort”

CAMPAIGN

CAMPAIGN
2024 SLOW#TEMPEST From Cobalt Strike to Mimikatz: A Deep Dive into the SLOW#TEMPEST Campaign Targeting Chinese Users

CAMPAIGN

APT
2024 Tusk Tusk: unraveling a complex infostealer campaign

CAMPAIGN

Malware
2024 River of Phish SPEAR-PHISHING CASES FROM EASTERN EUROPE 2022-2024A TECHNICAL BRIEF

CAMPAIGN

Phishing
2024 Earth Baku A Dive into Earth Baku’s Latest Campaign

CAMPAIGN

CAMPAIGN
2024 Panamorfi A New Discord DDoS Campaign

CAMPAIGN

DDOS
2024 ERIAKOS "ERIAKOS" Scam Campaign: Detected by Recorded Future’s Payment Fraud Intelligence Team

CAMPAIGN

Scam
2024

DEV#POPPER campaign

The Securonix Threat Research team has been monitoring the threat actors behind the ongoing investigation into the DEV#POPPER campaign, we have identified additional malware variants linked to the same North Korean threat actors using similar, stealthy malicious code execution tactics, though now with much more robust capabilities.

CAMPAIGN

CAMPAIGN

2024

OneDrive Pastejacking

OneDrive Pastejacking: The crafty phishing and downloader campaign

CAMPAIGN

PHISHING

2024 CVE-2024-21412 Exploiting CVE-2024-21412: A Stealer Campaign Unleashed

CAMPAIGN

CVE
2024 Sustained Sustained Campaign Using Chinese Espionage Tools Targets Telcos

CAMPAIGN

CAMPAIGN
2024 Spinning YARN Spinning YARN - A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence

CAMPAIGN

Malware
2024 Earth Hundun's Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024

CAMPAIGN

CyberSpy
2024 APT28 APT28 campaign targeting Polish government institutions

CAMPAIGN

APT
2024 DEV#POPPER ANALYSIS OF DEV#POPPER: NEW ATTACK CAMPAIGN TARGETING SOFTWARE DEVELOPERS LIKELY ASSOCIATED WITH NORTH KOREAN THREAT ACTORS

CAMPAIGN

Campaign
2024 ArcaneDoor ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices

CAMPAIGN

Spy
2024 FROZEN#SHADOW Attack Analysis of Ongoing FROZEN#SHADOW Attack Campaign Leveraging SSLoad Malware and RMM Software for Domain Takeover

CAMPAIGN

Campaign
2024 BlackTech  Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear

CAMPAIGN

Cyberespionage
2024 DuneQuixote DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware

CAMPAIGN

Campaign
2024 Connect:fun In a new threat briefing, Forescout Research – Vedere Labs details an exploitation campaign targeting organizations running Fortinet’s FortiClient EMS which is vulnerable to CVE-2023-48788. We are designating this campaign Connect:fun because of the use of ScreenConnect and Powerfun as post-exploitation tools – our first-ever named campaign.

CAMPAIGN

Campaign
2024 SteganoAmor SteganoAmor campaign: TA558 mass-attacking companies and public institutions all around the world

CAMPAIGN

Campaign
2024 DarkBeatC2 DarkBeatC2: The Latest MuddyWater Attack Framework

CAMPAIGN

APT
2024

eXotic Visit

ESET researchers uncovered the eXotic Visit espionage campaign that targets users mainly in India and Pakistan with seemingly innocuous apps

CAMPAIGN

Android

2024

Raspberry Robin

Raspberry Robin Now Spreading Through Windows Script Files

CAMPAIGN

Virus

2024 ShadowRay ShadowRay: First Known Attack Campaign Targeting AI Workloads Actively Exploited In The Wild

CAMPAIGN

AI
2024 RedAlpha Recorded Future’s Insikt Group has identified two new cyberespionage campaigns targeting the Tibetan Community over the past two years.

CAMPAIGN

Campaign
2024 Copybara Fraud Operation On top of this fraud operation architecture, TAs exploit Social Engineering techniques for distributing the Copybara banking trojan, which typically involves smishing and vishing techniques, leveraging native-speaker operators. In particular, several samples reveal TAs distributing Copybara through seemingly legitimate apps, utilizing logos of well-known banks and names that sound authentic, such as “Caixa Sign Nueva”, “BBVA Codigo”, “Sabadell Codigo”.

CAMPAIGN

Operation
2024 Spinning YARN Spinning YARN - A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence

CAMPAIGN

Campaign
2024 SMUGX CHINESE THREAT ACTORS TARGETING EUROPE IN SMUGX CAMPAIGN

CAMPAIGN

Campaign
2024 Earth Preta Earth Preta Campaign Uses DOPLUGS to Target Asia

CAMPAIGN

Campaign
2024 Commando Cat The Nine Lives of Commando Cat: Analysing a Novel Malware Campaign Targeting Docker

CAMPAIGN

Cryptocurrency
2024 Mind Sandstorm New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs

CAMPAIGN

Campaign
2024

DB#JAMMER

Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware

CAMPAIGN

Campaign