A Washington Times report claims that the alleged NSA hack of China's National Time Service Center might be an attempted US ploy to disrupt Chinese missile launches in the event of a military conflict

The Washington Times

Hack of Chinese state time center hints at U.S. advanced missile defense

The Chinese Ministry of State Security intelligence service disclosed in October that the U.S. National Security Agency has been engaged in a three...

Looks like the Aisuru botnet group created another botnet named Kimwolf that they are now using for DDoS attacks -1.83m infected systems -most are Android devices -uses EtherHiding and Tor

奇安信 X 实验室

Kimwolf Exposed: The Massive Android Botnet with 1.8 Million Infected Devices

Background On October 24, 2025, a trusted partner in the security community provided us with a brand-new botnet sample. The most distinctive feat...

The US government has remained the Tor Project's largest sponsor despite the organization's efforts to diversify its funding. The project raised $7.3 million last year, of which, $2.5 million came from the US government.

Transparency, Openness, and Our 2023-2024 Financials | Tor Project

Our federal tax filings and audited financial statements from the financial year 2023-2024 are now available. We upload all of our tax documents an...

Chinese APTs and their parent MSS bureau

The Many Arms of the MSS: Why Provincial Bureaus Matter in China’s Cyber Operations

Provincial bureaus of the Chinese Ministry of State Security likely operate with their own tasking priorities, resources, and local ecosystems for ...

The ForumTroll cyber-espionage group has targeted political experts and scholars working at major Russian universities and research institutions This is the group that deployed Memento Labs' (HackingTeam) Dante spyware earlier this year via Chrome zero-days

Securelist

A new campaign by the ForumTroll APT group

Kaspersky's GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and de...

SafeBreach has uncovered new operations from an Iranian hacking group tracked as Prince of Persia and Infy, which it was believed to have ceased activity back in 2022

SafeBreach

Unmasking the Evolving Iranian Prince of Persia | SafeBreach

New research unmasks the evolving Iranian

The RansomHouse ransomware group is now using two keys to encrypt files

Unit 42

From Linear to Complex: An Upgrade in RansomHouse Encryption

Operators behind RansomHouse, a ransomware-as-a-service (RaaS) group, have upgraded their encryption methods from single-phase to complex and layered.

DataDog has launched pathfinding.cloud, a database of IAM permissions and permission sets that allow privilege escalation in AWS.

pathfinding.cloud - Understand, Detect & Demonstrate AWS IAM Privilege Escalation

Library of AWS IAM privilege escalation paths

The DomainTools security team looks at recent APT35 leaks showing how the group operates with extreme government oversight and bureaucracy, rather than a group of loose canon hackers

DomainTools Investigations | DTI

The APT35 Dump Episode 4: Leaking The Backstage Pass To An Iranian Intelligence Operation - DomainTools Investigations | DTI

APT35/Charming Kitten's leaked documents expose the financial machinery behind state-sponsored hacking. Learn how bureaucracy, crypto micro-pa...

A Latvian crew member was detained for installing a RAT on an Italian ferry:

Bluesky Social

David Shipley (@davidshipley.bsky.social)

Don’t see this everyday. @patrick.risky.biz https://www.france24.com/en/live-news/20251217-france-probes-foreign-interference-after-malware-found...