Cyber Campaigns Operation 2025 - 2026 | 2025 | 2024 | 2023 | 2022 | 2021 | 2020 | 2019 | 2018 | 2017 | 2016 | 2015 | 2014 | 2013 | 2012 | 2011 | 2010 | 2009 | 2008
|
DATE |
NAME |
INFO |
CATEGORY |
SUBCATE |
| 2025 | Operation ForumTroll | Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports | OPERATION | OPERATION |
| 2025 | Operation MoneyMount-ISO | Table of Contents: Introduction: Targeted sectors: Initial Findings about Campaign: Analysis of Phishing Mail: Infection Chain: Technical Analysis: Stage-1: Analysis of Malicious ISO file. Stage-2: | OPERATION | OPERATION |
| 2025 | Operation FrostBeacon | Operation FrostBeacon: Multi-Cluster Cobalt Strike Campaign Targets Russia Contents Introduction Key Targets Geographical Focus Industries Affected LNK Cluster Initial Access: | OPERATION | OPERATION |
| 2025 | Operation DupeHike | Contents Introduction Key Targets. Industries Affected. Geographical Focus. Infection Chain. Initial Findings. Looking into the decoy-document Technical Analysis Stage 1 – Malicious LNK Script Stage 2 – | OPERATION | OPERATION |
| 2025 | RomCom payload | Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine | OPERATION | OPERATION |
| 2025 | Operation WrtHug | Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router | OPERATION | OPERATION |
| 2025 | Operation Peek-a-Baku | Initial Findings. Technical Analysis. Campaign – I The LNK Way. Malicious SILENT LOADER Malicious LAPLAS Implant – TCP & TLS. Malicious .NET Implant – SilentSweeper Campaign –... | OPERATION | OPERATION |
| 2025 | Operation SkyCloak | Authors: Sathwik Ram Prakki and Kartikkumar Jivani Contents Introduction Key Targets Industries Geographical Focus Infection and Decoys Technical Analysis PowerShell Stage Persistence C.. | OPERATION | OPERATION |
| 2025 | Tangerine Turkey Operations | From Scripts to Systems: A Comprehensive Look at Tangerine Turkey Operations | OPERATION | OPERATION |
| 2025 | Operation MotorBeacon | Malicious .NET Implant Hunting and Infrastructure. Conclusion Seqrite Protection. IOCs MITRE ATT&CK.... | OPERATION | OPERATION |
| 2025 | Operation Silk Lure | Introduction: Seqrite Lab has been actively monitoring global cyber threat... | OPERATION | OPERATION |
| 2025 | Rewrite | Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS in a Wide Scale SEO Poisoning Campaign | OPERATION | OPERATION |
| 2025 | Operation Rewrite | Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS in a Wide Scale SEO Poisoning Campaign | OPERATION | OPERATION |
| 2025 | RaccoonO365 | Cloudflare participates in global operation to disrupt RaccoonO365 | OPERATION | OPERATION |
| 2025 | SlopAds | Satori Threat Intelligence Alert: SlopAds Covers Fraud with Layers of Obfuscation | OPERATION | OPERATION |
| 2025 | Operation BarrelFire | NoisyBear targets entities linked to Kazakhstan’s Oil & Gas Sector. | OPERATION | OPERATION |
| 2025 | Blockbuster | Private Industry Takes Action Against Global Cyber Threats | OPERATION | OPERATION |
| 2025 | Operation HanKook Phantom | Table of Contents: Introduction Threat Profile Infection Chain Campaign-1 Analysis of Decoy: Technical Analysis Fingerprint of ROKRAT’s Malware Campaign-2 | OPERATION | OPERATION |
| 2025 | Operation CargoTalon | UNG0901 Targets Russian Aerospace & Defense Sector using EAGLET implant. | OPERATION | OPERATION |
| 2025 | Operation GhostChat | In June 2025, threat actors carried out a strategic web compromise by replacing the legitimate link, tibetfund.org/90thbirthday, on a compromised webpage with a malicious link. | OPERATION | OPERATION |
| 2025 | Operation PhantomPrayers | In June 2025, a new subdomain, hhthedalailama90.niccenter[.]net was used by the threat actor to distribute a malicious application masquerading as a "special prayer check-in" software. | OPERATION | OPERATION |
| 2025 | Operation Phantom Enigma | A malicious campaign discovered by Positive Technologies specialists is primarily targeting residents of Brazil. Attacks have been detected since the beginning of 2025. | OPERATION | OPERATION |
| 2025 | Operation Sindoor – Anatomy of a Digital Siege | Overview Seqrite Labs, India’s largest Malware Analysis lab, has identified multiple cyber events linked to Operation Sindoor, involving state- sponsored APT activity and coordinated hacktivist operations. | OPERATION | OPERATION |
| 2025 | ELUSIVE COMET | Mitigating ELUSIVE COMET Zoom remote control attacks | OPERATION | OPERATION |
| 2025 | Scallywag | Scallywag Extensions Monetize Piracy | OPERATION | OPERATION |
| 2025 | Operation SyncHole | Operation SyncHole: Lazarus APT goes back to the well | OPERATION | OPERATION |
| 2025 | SuperCard X | SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation | OPERATION | OPERATION |
| 2025 | Operation BlackEcho | Voice Phishing using Fake Financial and Vaccine Apps | OPERATION | OPERATION |
| 2025 | Operational Relay Box (ORB) | An Introduction to Operational Relay Box (ORB) Networks - Unpatched, Forgotten, and Obscured | OPERATION | OPERATION |
| 2025 | Operation FishMedley | ESET researchers detail a global espionage operation by FishMonger, the APT group run by I‑SOON | OPERATION | OPERATION |
| 2025 | Operation AkaiRyū | Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor | OPERATION | OPERATION |
| 2025 | Harvest | Operation ‘Harvest’: A Deep Dive into a Long-term Campaign | OPERATION | OPERATION |
| 2025 | Operation Marstech Mayhen | Lazarus Group’s Open-Source Trap: North Korea’s New Malware Tactic Targeting Developers and Crypto Wallets | OPERATION | OPERATION |
| 2025 | Operation Phantom Circuit | North Korea’s Global Data Exfiltration Campaign | OPERATION | OPERATION |
| 2025 | Operation 99 | Operation 99: North Korea’s Cyber Assault on Software Developers | OPERATION | OPERATION |
| 2025 | Quishing Campaigns | EXECUTIVE SUMMARY CYFIRMA examines a sophisticated phishing campaign that leverages QR-code-based delivery, commonly referred to as “quishing,” to target employees with | CAMPAIGN | CAMPAIGN |
| 2025 | UDPGangster | MuddyWater campaign analysis reveals macro-based delivery, extensive anti-analysis techniques, and shared infrastructure links | CAMPAIGN | CAMPAIGN |
| 2025 | Qilin RaaS | The Korean Leaks – Analyzing the Hybrid Geopolitical Campaign Targeting South Korean Financial Services With Qilin RaaS | CAMPAIGN | CAMPAIGN |
| 2025 | Shai-Hulud 2.0 | Detect and mitigate malicious npm packages linked to the recent Shai-Hulud-style campaign. Over 25,000 affected repositories across ~350 unique users. | CAMPAIGN | CAMPAIGN |
| 2025 | Shai-Hulud Campaign | It's another Monday morning, sitting down at the computer. And I see a stack of alerts from the last hour of packages showing signs of malware in our triage queue. Having not yet finished my first cup of coffee, I see Shai Hulud indicators. Y | CAMPAIGN | CAMPAIGN |
| 2025 | NPM Spam Campaign | The Great Indonesian TEA Theft: Analyzing a NPM Spam Campaign | CAMPAIGN | SPAM |
| 2025 | SmartApeSG | SmartApeSG campaign uses ClickFix page to push NetSupport RAT | CAMPAIGN | CAMPAIGN |
| 2025 | EVALUSION | EVALUSION Campaign Delivers Amatera Stealer and NetSupport RAT | CAMPAIGN | CAMPAIGN |
| 2025 | SpearSpecter | Israel National Digital Agency researchers have uncovered an ongoing, sophisticated espionage campaign, | CAMPAIGN | BIGBROTHER |
| 2025 | Multi-Brand themed Phishing Campaign | CRIL analyzed an active phishing campaign leveraging HTML-based Telegram bot credential harvesters designed to mimic multiple prominent brands | CAMPAIGN | PHISHING |
| 2025 | NPM Spam Campaign | The Great Indonesian TEA Theft: Analyzing a NPM Spam Campaign | CAMPAIGN | SPAM |
| 2025 | I Paid Twice | Phishing Campaigns “I Paid Twice” Targeting Booking.com Hotels and Customers | CAMPAIGN | PHISHING |
| 2025 | Odyssey | Odyssey Stealer and AMOS Campaign Targets macOS Developers Through Fake Tools | CAMPAIGN | Malware |
| 2025 | Smishing Deluge | The Smishing Deluge: China-Based Campaign Flooding Global Text Messages | CAMPAIGN | CAMPAIGN |
| 2025 | Jingle Thief | Jingle Thief: Inside a Cloud-Based Gift Card Fraud Campaign | CAMPAIGN | CAMPAIGN |
| 2025 | PassiveNeuron | PassiveNeuron: a sophisticated campaign targeting servers of high-profile organizations | CAMPAIGN | CAMPAIGN |
| 2025 | RondoDox | RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits | CAMPAIGN | CAMPAIGN |
| 2025 | Akira’s SonicWall Campaign | Inside Akira’s SonicWall Campaign: Darktrace’s Detection and Response | CAMPAIGN | CAMPAIGN |
| 2025 | Exploitation of CVE-2025-10035 | Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability | CAMPAIGN | CAMPAIGN |
| 2025 | Smash and Grab | Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less | CAMPAIGN | Ramsomware |
| 2025 | RedNovember | Network edge devices such as routers, switches, firewalls, VPNs, and access points are being targeted by waves of cyberattacks. | CAMPAIGN | CAMPAIGN |
| 2025 | ProSpy and ToSpy | New spyware campaigns target privacy-conscious Android users in the UAE | CAMPAIGN | CAMPAIGN |
| 2025 | Clickfix HijackLoader Phishing Campaign | With the evolution of cyber threats, the final execution of a malicious payload is no longer the sole focus of the cybersecurity industry. | CAMPAIGN | PHISHING |
| 2025 | GhostAction | The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows | CAMPAIGN | CAMPAIGN |
| 2025 | FileFix | FileFix in the wild! New FileFix campaign goes beyond POC and leverages steganography | CAMPAIGN | CAMPAIGN |
| 2025 | Madgicx Plus | Behind the Mask of Madgicx Plus: A Chrome Extension Campaign Targeting Meta Advertisers | CAMPAIGN | Social |
| 2025 | TAOTH | TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents | CAMPAIGN | Exploit |
| 2025 | ZipLine | ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies | CAMPAIGN | Phishing |
| 2025 | ShadowCaptcha | Israel National Digital Agency Uncovers Global Cyberattack Campaign “ShadowCaptcha” | CAMPAIGN | CAMPAIGN |
| 2025 | PRC-Nexus Espionage Campaign | Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats | CAMPAIGN | CAMPAIGN |
| 2025 | Amadey | MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities | CAMPAIGN | CAMPAIGN |
| 2025 | LARVA-208’s New Campaign Targets Web3 Developers | LARVA-208 , known for its phishing attacks and social engineering tactics targeting English-speaking IT staff through phone calls, has adopted a new technique in its operations. | CAMPAIGN | CAMPAIGN |
| 2025 | Nebulous Mantis | (a.k.a. Cuba, STORM-0978, Tropical Scorpius, UNC2596) is a Russian-speaking cyber espionage group that has actively deployed the RomCom | CAMPAIGN | CAMPAIGN |
| 2025 | Phishing Campaigns Galore | The surge in ClickFix campaigns also coincides with the discovery of various phishing campaigns that | CAMPAIGN | CAMPAIGN |
| 2025 | Shadow Vector | Shadow Vector targets Colombian users via privilege escalation and court-themed SVG decoys | CAMPAIGN | CAMPAIGN |
| 2025 | Stargazers Ghost Network Campaigns | Since March 2025, Check Point Research has been tracking malicious GitHub repositories targeting Minecraft users with an undetected Java downloader. | CAMPAIGN | CAMPAIGN |
| 2025 | SERPENTINE#CLOUD | Analyzing SERPENTINE#CLOUD: Threat Actors Abuse Cloudflare Tunnels to Infect Systems with Stealthy Python-Based Malware | CAMPAIGN | CAMPAIGN |
| 2025 | JSFireTruck | JSFireTruck: Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique | CAMPAIGN | CyberCrime |
| 2025 | ASUS Routers campaign | GreyNoise Discovers Stealthy Backdoor Campaign Affecting Thousands of ASUS Routers | CAMPAIGN | CAMPAIGN |
| 2025 | Smishing Triad | Smishing Triad: Chinese eCrime Group Targets 121+ Countries, Intros New Banking Phishing Kit | CAMPAIGN | SPAM |
| 2025 | Sponsored Actors Try ClickFix | Around the World in 90 Days: State-Sponsored Actors Try ClickFix | CAMPAIGN | CAMPAIGN |
| 2025 | PoisonSeed Campaign | PoisonSeed Campaign Targets CRM and Bulk Email Providers in Supply Chain Spam Operation | CAMPAIGN | SPAM |
| 2025 | Stripe API Skimming Campaign | Stripe API Skimming Campaign: Additional Victims and Insights | CAMPAIGN | Skimming |
| 2025 | J-Magic | Juniper Routers, Network Devices Targeted with Custom Backdoors | CAMPAIGN | MALWARE |
| 2025 | Gamaredon | Gamaredon campaign abuses LNK files to distribute Remcos backdoor | CAMPAIGN | MALWARE |
| 2025 | .NET MAUI | New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI | CAMPAIGN | Malware |
| 2025 | ClearFake | ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery | CAMPAIGN | MALWARE |
| 2025 | Desert Dexter. Attacks | Desert Dexter. Attacks on Middle Eastern countries | CAMPAIGN | Malware |
| 2025 | Phishing Campaign Using Private Video Sharing | We’re aware that phishers have been sharing private videos to send false videos, including an AI generated video of YouTube’s CEO Neal Mohan announcing changes in monetization. | CAMPAIGN | PHISHING |
| 2025 | Snail Mail Fail | Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear | CAMPAIGN | Ransom |
| 2025 | GitVenom campaign | The GitVenom campaign: cryptocurrency theft using GitHub | CAMPAIGN | CRYPTOCURRENCY |
| 2025 | DeceptiveDevelopment | Cybercriminals have been known to approach their targets under the guise of company recruiters, enticing them with fake employment offers. | CAMPAIGN | Malware |
| 2025 | RevivalStone | The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. | CAMPAIGN | APT |
| 2025 | Earth Freybug’s | Stealth in the Shadows: Dissecting Earth Freybug’s Recent Campaign and Operational Techniques | CAMPAIGN | Malware |
| 2025 | DEEP#DRIVE | Analyzing DEEP#DRIVE: North Korean Threat Actors Observed Exploiting Trusted Platforms for Targeted Attacks | CAMPAIGN | APT |
| 2025 | BadPilot | The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation | CAMPAIGN | Operation |
| 2025 | Webflow CDN | New Phishing Campaign Abuses Webflow, SEO, and Fake CAPTCHAs | CAMPAIGN | Phishing |
| 2025 | GSocket Gambling Scavenger | GSocket Gambling Scavenger – How Hackers Use PHP Backdoors and GSocket to Facilitate Illegal Gambling in Indonesia | CAMPAIGN | CAMPAIGN |