As of 2025, North Korea-linked threat actors are emerging not only through financial fraud but also through cyber infiltration strategies involving remote recruitment.
In this case, the Lazarus threat actor’s sub-group “Famous Chollima” attempted to secure a position at a Western tech company using fake resumes and AI-based facial filters.
The Iran-backed MuddyWater (TA450) APT group has escalated its cyber espionage operations targeting government, diplomatic, and energy entities in the MENA region (including Turkey) using an advanced toolkit.
Windows RasMan 0-Day (CVE-2025-59230): Actively Exploited Vulnerability Patched, But Risk Remains
The CVE-2025-59230 vulnerability, which was fixed as part of Microsoft's October 2025 Patch Tuesday update, was a 0-day vulnerability discovered and actively exploited in the Remote Access Connection Manager (RasMan) component of Windows.
The vulnerability was due to a local privilege escalation (EoP) flaw that allowed attackers to gain “SYSTEM” level privileges from a low-privilege user account.
Microsoft has released a patch to close this vulnerability; however, systems that have not been patched are still at serious risk.
Cyberthint threat hunters have created a monthly report on ransomware activity by tracking ransomware groups' posts on their official leak sites on the DarkWeb.
Sea Turtle is known as a cyber espionage group of Turkish origin.
The threat group is also known under the names “Sea Turtle”, “Teal Kurma”, “Marbled Dust”, “SILICON” and “Cosmic Wolf”. They are estimated to be based in Turkey. It is known that they have been active since 2017.
SMTP Smuggling is a technique that allows you to send e-mail from almost any e-mail address by hiding another e-mail message in the data flow of an e-mail communication. Basically, another e-mail is injected into the message by exploiting interpretation differences in the SMTP protocol. Since the main message successfully passes security checks such as SPF, DKIM and DMARC, the injected message is delivered to the recipients' inboxes without any warning.
“Web” is the common name for the World Wide Web (WWW), a collection of pages that can be easily accessed through any web browser. Unfortunately, some people today think that the Internet is just about search engines. However, the Internet is a whole world beyond those search engines. Within this broad framework, the Internet world is divided into three main layers.