Robuta

https://community.gurucul.com/articles/ThreatResearch/Suspected-China-Nexus-Threat-Actor-4-4-2025 Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability... A suspected China-linked group, UNC5221, is exploiting a critical vulnerability (CVE-2025-22457) in Ivanti Connect Secure VPN appliances (versions 22.7R2.5 and... threat actor https://www.proofpoint.com/us/threat-insight/post/threat-actor-goes-chrome-extension-hijacking-spree Threat actor goes on a Chrome extension hijacking spree | Proofpoint US Apr 11, 2023 - Proofpoint researchers track a number of Chrome extensions compromised for stealing credentials and hijacking web traffic. a chrome extensionthreat actorgoes https://www.eftsure.com/en-au/finance-glossary/what-is-a-threat-actor/ What is a threat actor? | Eftsure AU Threat actors, also known as malicious actors or ransomware actors, are individuals who intentionally cause harm to electronic devices like smartphones,... what is athreat actorau https://beta06.cyfirma.com/news/weekly-intelligence-trends-and-advisory-threat-actor-in-focus-rise-in-malware-ransomware-phishing-vulnerability-and-exploits-4-feb-2022/ Weekly Intelligence Trends and Advisory | Threat Actor in Focus | Rise in Malware, Ransomware,... Feb 4, 2022 - Threat Actor in Focus APT MuddyWater Engaged in Targeting Turkish Users by Using Malicious PDFs and Executables. Suspected Threat Actors:... threat actor https://www.huntandhackett.com/threats/actors/silent-librarian Threat actor profile: Silent Librarian | Hunt & Hackett Discover the Iranian threat actor Silent Librarian, known to target Western institutions for information theft and espionage. Learn about their tactics,... threat actorsilent librarianprofilehunthackett https://www.shenouda.nl/threat-actor-infy-prince-of-persia/ Threat Actor: Infy (Prince of Persia) - Joe Shenouda | Threat Intelligence Dec 21, 2025 - Infy (also known as Prince of Persia) is a persistent Iranian nation-state threat actor active since at least 2007. After a period of apparent dormancy... prince of persiathreat actorinfyjoeintelligence https://www.menlosecurity.com/ko-kr/resources/threat-actor-november-2021-ta551-threat-bulletin Threat Actor - November 2021 - TA551 | Menlo Security Menlo Labs is tracking a new campaign from threat group TA551, that is possibly targeting a small group of victims. threat actornovembermenlosecurity https://getsirv.com/platform-maps-visualisations-threat-actor-alerts/ Threat actor alerts and incident mapping for security teams | SIRV for security teamsthreat actoralertsincidentmapping https://nohacky.com/apt19-codoso.html APT19 / Codoso | Threat Actor Profile | NoHacky Mar 26, 2026 - APT19 (Codoso / C0d0so0) is a Chinese contractor-linked espionage group assessed as MSS-adjacent, targeting legal, financial, defense, and technology sectors... threat actorprofile https://cyberhoot.com/cybrary/threat-actor/ Threat Actor - CyberHoot Cyber Library Jul 23, 2020 - A Threat Actor is a person or group performing malicious or hostile actions intending to cause harm to the victim by using computers, devices, systems, or... threat actorcyberlibrary https://www.redhotcyber.com/post/coinbase-usa-threat-actor-dichiara-di-vendere-un-database-di-600-000-utenti/ Coinbase USA: Threat Actor dichiara di vendere un database di 600.000 utenti Sep 8, 2025 - Recentemente Threat Actors ha pubblicato all'interno di un forum underground la violazione del database di Coinbase di 600 000 utenti. threat actor https://strobes.co/vi/threat-actors/TeamXRat/ TeamXRat - Threat Actor Profile & Exploited CVEs | Strobes VI | Strobes VI Details about TeamXRat threat actor, their techniques, targets, and exploited vulnerabilities. threat actorprofileexploitedcvesstrobes https://ciso.economictimes.indiatimes.com/tag/threat+actor Threat actor - Latest threat actor , Information & Updates - IT Security -ET CISO ETCISO.in brings latest threat actor news, views and updates from all top sources for the Indian IT Security industry. threat actorlatest informationit securityupdateset https://nohacky.com/backdoordiplomacy.html BackdoorDiplomacy | Threat Actor Profile | NoHacky Mar 26, 2026 - BackdoorDiplomacy (Playful Taurus / APT15) is a China-aligned espionage group named for its singular focus on Ministries of Foreign Affairs. Active since at... threat actorprofile https://nohacky.com/evil-corp.html Evil Corp | Threat Actor Profile | NoHacky Profile of Evil Corp, the Russia-linked cybercrime group behind Dridex, BitPaymer, WastedLocker, Hades, and related financially motivated intrusion activity. evil corpthreat actorprofile https://www.cipher.com/es_ES/prosegur-cipher/recursos/descargables/akira.html Akira Threat Actor Report | Resources threat actorakirareportresources https://www.cyfirma.com/news/weekly-intelligence-trends-and-advisory-threat-actor-in-focus-rise-in-malware-ransomware-phishing-vulnerability-and-exploits-21-nov-2021/ Weekly Intelligence Trends and Advisory | Threat Actor in Focus | Rise in Malware, Ransomware,... Threat Actor in Focus Lazarus Group target researchers with trojanized IDA Pro Suspected Threat Actors: Lazarus Group Attack Type: Malware... threat actor https://www.dataprivacyandsecurityinsider.com/tag/cyber-threat-actor/ cyber threat actor | Data Privacy + Cybersecurity Insider cyber threatdata privacyactorcybersecurityinsider https://www.huntandhackett.com/threats/actors/sandworm Threat actor profile: Sandworm | Hunt & Hackett Explore the motivations, tactics and recent activities of the Iranian threat actor Sandworm. threat actorprofilesandwormhunthackett https://www.halcyon.ai/threat-actor-index Threat Actor Index The Halcyon Ransomware Threat Actor Index is a comprehensive catalog of the most prominent threat actors and ransomware families Discover their techniques,... threat actorindex https://www.anvilogic.com/threat-reports/iranian-apt-exploits-log4shell Iranian-backed Threat Actor Exploits Log4Shell Vulnerability A joint advisory from FBI and CISA attributed an attack against a Federal Civilian Executive Branch (FCEB) organization to an Iranian-backed threat group. threat actoriranianbackedexploitsvulnerability https://nohacky.com/maze-team-twisted-spider.html Maze Team / Twisted Spider | Threat Actor Profile | NoHacky Maze Team (Twisted Spider) invented double extortion ransomware in 2019, fundamentally changing how ransomware operates. Profile covers their TTPs, the Maze... threat actormazeteamtwistedspider https://malpedia.caad.fkie.fraunhofer.de/actor/bladedfeline BladedFeline (Threat Actor) BladedFeline is an Iran-aligned APT group that has been active since at least 2017, targeting Iraqi and Kurdish government officials for cyberespionage. The... threatactor https://malpedia.caad.fkie.fraunhofer.de/actor/storm-0494 Storm-0494 (Threat Actor) Storm-0494 is a threat actor that facilitates Gootloader infections, which are then exploited by groups like Vice Society to deploy tools such as the Supper... stormthreatactor https://apt.etda.or.th/cgi-bin/listgroups.cgi?c=USA Threat Group Cards: A Threat Actor Encyclopedia group cardsthreatactorencyclopedia https://anchorednarratives.substack.com/p/trouble-in-asia-and-the-middle-east Trouble in Asia and the Middle East. Tracking the TransparentTribe threat actor. A case study into a threat actor that is likely originating from Pakistan which is leveraging CrimsonRat and malicious documents to control their targets. asia and the middle easttrouble https://apt.etda.or.th/cgi-bin/showcard.cgi?g=DNSpionage&n=1 DNSpionage - Threat Group Cards: A Threat Actor Encyclopedia group cardsthreatactorencyclopedia https://apt.etda.or.th/cgi-bin/showcard.cgi?g=Smoky%20Spider&n=1 Smoky Spider - Threat Group Cards: A Threat Actor Encyclopedia group cardssmokyspiderthreatactor https://apt.etda.or.th/cgi-bin/showcard.cgi?g=_Union%20Panda Union Panda - Threat Group Cards: A Threat Actor Encyclopedia group cardsunionpandathreatactor https://malpedia.caad.fkie.fraunhofer.de/actor/muddywater MuddyWater (Threat Actor) The MuddyWater attacks are primarily against Middle Eastern nations. However, we have also observed attacks against surrounding nations and beyond, including... threatactor https://apt.etda.or.th/cgi-bin/showcard.cgi?g=The%20White%20Company&n=1 The White Company - Threat Group Cards: A Threat Actor Encyclopedia the white companygroup cardsthreatactorencyclopedia https://apt.etda.or.th/cgi-bin/showcard.cgi?g=Earth%20Kurma&n=1 Earth Kurma - Threat Group Cards: A Threat Actor Encyclopedia group cardsearthkurmathreatactor https://www.thenorsewarrior.net/p/netherlands-identifies-israel-as/comments Comments - Netherlands Identifies Israel as Threat Actor Netherlands National Coordinator for Counterterrorism and Security report. commentsnetherlandsidentifiesisraelthreat https://apt.etda.or.th/cgi-bin/showcard.cgi?g=Volatile%20Cedar Volatile Cedar - Threat Group Cards: A Threat Actor Encyclopedia group cardsvolatilecedarthreatactor https://apt.etda.or.th/cgi-bin/showcard.cgi?g=RedDelta&n=1 RedDelta - Threat Group Cards: A Threat Actor Encyclopedia group cardsthreatactorencyclopedia https://apt.etda.or.th/cgi-bin/showcard.cgi?g=FIN5&n=1 FIN5 - Threat Group Cards: A Threat Actor Encyclopedia group cardsthreatactorencyclopedia https://apt.etda.or.th/cgi-bin/showcard.cgi?g=Planetary%20Reef&n=1 Planetary Reef - Threat Group Cards: A Threat Actor Encyclopedia group cardsplanetaryreefthreatactor https://apt.etda.or.th/cgi-bin/listgroups.cgi?c=Italy Threat Group Cards: A Threat Actor Encyclopedia group cardsthreatactorencyclopedia https://cioaxis.com/hottopics/security/ransomware-threat-actor-behind-december-attack-via-exchange-identified-by-rackspace Ransomware Threat Actor Behind December Attack via Exchange Identified by Rackspace - CIO AXIS Jan 5, 2023 - CrowdStrike previously connected Play, the threat actor, to a new Outlook Web Access exploit method used in multiple attacks. Rackspace Technology has... https://apt.etda.or.th/cgi-bin/showcard.cgi?g=TA516&n=1 TA516 - Threat Group Cards: A Threat Actor Encyclopedia group cardsthreatactorencyclopedia https://apt.etda.or.th/cgi-bin/showcard.cgi?g=Blackgear&n=1 Blackgear - Threat Group Cards: A Threat Actor Encyclopedia group cardsthreatactorencyclopedia https://www.cybereason.com/blog/research/threat-actor-ta505-targets-financial-enterprises-using-lolbins-and-a-new-backdoor-malware Threat Actor TA505 Targets Financial Enterprises Using LOLBins and a New Backdoor Malware In this research, we introduce a meticulously planned, malicious operation against a financial institution in April of 2019 by TA505. https://aicyclopedia.com/leveraging-llms-to-unmask-threat-actor-communications/ Leveraging LLMs to Unmask Threat Actor Communications - AICYCLOPEDIA | The latest AI News, Tools, &... Nov 19, 2024 - Stylometric Analysis: A Key to Uncovering Threat Actors Stylometry, the study of linguistic patterns, has long been used to attribute texts to specific authors... https://malpedia.caad.fkie.fraunhofer.de/actor/bronze_edgewood BRONZE EDGEWOOD (Threat Actor) In early 2021 CTU researchers observed BRONZE EDGEWOOD exploiting the Microsoft Exchange Server of an organization in Southeast Asia. The threat group deployed... bronzeedgewoodthreatactor https://iplogger.org/de/blog/tag/threat-actor/ threat-actor ::description_blog_tag threatactor https://malpedia.caad.fkie.fraunhofer.de/actor/tonto_team Tonto Team (Threat Actor) Tonto Team is a Chinese-speaking APT group that has been active since at least 2013. They primarily target military, diplomatic, and infrastructure... tontoteamthreatactor https://www.prepper.life/glossary/threat-actor What is the definition or meaning of Threat Actor? Threat actors, also known as hackers, are cyber criminals that target the collection of PII, money, or damaging information. what is themeaning ofdefinitionthreatactor https://docs.recordedfuture.com/reference/threat-actor-threat-map-org Threat Maps: Threat Actor Map for Organization Rank threat actors by risk to a specific organization in a multi-org enterprise. threat mapsactororganization https://apt.etda.or.th/cgi-bin/showcard.cgi?g=%5BUnnamed%20groups%3A%20Russia%5D [Unnamed groups: Russia] - Threat Group Cards: A Threat Actor Encyclopedia group cardsunnamedgroupsrussiathreat https://malpedia.caad.fkie.fraunhofer.de/actor/apt19 APT19 (Threat Actor) Adversary group targeting financial, technology, non-profit organisations. threatactor https://malpedia.caad.fkie.fraunhofer.de/actor/operation_red_signature Operation Red Signature (Threat Actor) The threat actors compromised the update server of a remote support solutions provider to deliver a remote access tool called 9002 RAT to their targets of... operationredsignaturethreatactor https://malpedia.caad.fkie.fraunhofer.de/actor/chrysene CHRYSENE (Threat Actor) Adversaries abusing ICS (based on Dragos Inc adversary list). This threat actor targets organizations involved in oil, gas, and electricity production,... threatactor https://unit42.paloaltonetworks.com/threat-actor-groups-tracked-by-palo-alto-networks-unit-42/?pdf=download&lg=en&_wpnonce=d6cb270c4c Threat Actor Groups Tracked by Palo Alto Networks Unit 42 (Updated Aug. 1, 2025) Aug 1, 2025 - A comprehensive list of threat actor groups tracked by Unit 42, along with information such as summaries and industries typically impacted. https://apt.etda.or.th/cgi-bin/showcard.cgi?g=ZooPark&n=1 ZooPark - Threat Group Cards: A Threat Actor Encyclopedia group cardsthreatactorencyclopedia https://iranianthreatactors.com/hossein-parvar HOSSEIN PARVAR - Iranian Cyber Threat Actor Wanted for creating false social media personas to target U.S. Intelligence Community members. cyber threathosseiniranianactor https://sebastion.dev/intelligence/2026-05-03-juvenile-actor-breaches-french-administrative-identity-system-highlighting Juvenile actor breaches French administrative identity system, highlighting insider threat and data... May 3, 2026 - A 15-year-old was detained for allegedly stealing and selling data from France Titres (ANTS), the agency managing national identity and administrative... https://securitybrief.co.nz/story/major-cryptocurrency-losses-for-smbs-from-bluenoroff-threat-actor Major cryptocurrency losses for SMBs from BlueNoroff threat actor Kaspersky experts uncover APT attacks by BlueNoroff, resulting in major cryptocurrency losses for small and medium-sized companies worldwide. for smbsmajorcryptocurrencylossesthreat https://apt.etda.or.th/cgi-bin/showcard.cgi?g=Tempting%20Cedar%20Spyware&n=1 Tempting Cedar Spyware - Threat Group Cards: A Threat Actor Encyclopedia group cardstemptingcedarspywarethreat