Sign up
Login
MALWARE
//
THREAT ACTORS
//
VULNERABILITIES
1430
Threat Actor Objects
21444
Documents talking Threat Actor
50
Active Sources
5
Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
Qilin
3 updates this week.
71.43%
ransomware
extortion
raas
malware
lockbit
linux
ransom
ransomhub
cybercrime
encryption
+75 other associations
Qilin, a threat actor known for its malicious activities in the cyberspace, has been on the rise with an increase in victim count by 44% reaching 140 in Q3. This group is part of the Octo Tempest group which recently added RansomHub and Qilin ransomware to its arsenal, enhancing its capabilities to
Alphv
3 updates this week.
200%
ransomware
lockbit
malware
ransom
raas
ransomhub
extortion
esxi
encryption
windows
+289 other associations
Alphv, also known as BlackCat, is a threat actor group that has been linked to numerous cyberattacks, particularly targeting the healthcare sector. The group made headlines when it stole 5TB of data from Morrison Community Hospital, causing significant disruption and raising concerns about patient p
Salt Typhoon
3 updates this week.
100%
apt
famoussparrow
state-sponso...
cisco
earth estries
government
volt typhoon
ghostemperor
chinese
email accounts
+64 other associations
Salt Typhoon, also known as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286, is a threat actor linked to China's Ministry of State Security. Active since at least 2020, this advanced persistent threat (APT) group has a history of targeting U.S. systems for intelligence gathering, particularl
Intelbroker
3 updates this week.
300%
source
breachforums
ssh
vulnerability
exploit
jira
credentials
cybercrime
+15 other associations
IntelBroker is a significant threat actor known for executing high-profile data breaches. The group, which could consist of a single individual or multiple persons, has been responsible for numerous cyberattacks on major corporations and government entities. IntelBroker's activities showcase a broad
Mint Sandstorm
2 updates this week.
300%
phishing
charming kit...
phosphorus
apt35
microsoft
exploit
ta453
apt
iranian
apt42
+52 other associations
Mint Sandstorm, an Advanced Persistent Threat (APT) group linked to Iran's Islamic Revolutionary Guard Corps (IRGC), has been identified as a significant cybersecurity threat. The group has demonstrated its capability to rapidly weaponize N-day vulnerabilities in common enterprise applications and c
Greencharlie
2 updates this week.
300%
phishing
domains
Apt42
2 updates this week.
300%
phishing
ta453
apt
charming kit...
whatsapp
apt42
phosphorus
apt35
email accounts
exploit
+49 other associations
APT42, also known as Charming Kitten, CharmingCypress, Storm-2035, Damselfly, Mint Sandstorm, TA453, and Yellow Garuda, is an Iran-nexus advanced persistent threat (APT) group that has been active in various cyberattacks. The group employs a range of tactics, techniques, and procedures (TTPs), such
Scattered Spider
2 updates this week.
-%
ransomware
phishing
credentials
alphv
cybercrime
esxi
exploit
lateral move...
malware
ransom
+121 other associations
Scattered Spider, also known as Octo Tempest, 0ktapus, and UNC3944, is a notorious threat actor group involved in major data extortion campaigns. This cybercriminal group has been associated with high-profile attacks on organizations like Caesars Entertainment and MGM, often in collaboration with th