Operation 2026() 2025() 2024() 2023() 2022() OTHER() ALL(211)
|
DATE |
NAME |
INFO |
CATEGORY |
SUBCATE |
|
13.6.26 |
Velvet Ant’s Operation Highland: How a China-Nexus Actor Infiltrated an Internal Network Undetected |
|||
| 12.6.26 | Phantom Mantis Operation | Phantom Mantis, initially known as ArmCorp, is a financially motivated threat group active since March 2025. The group conducts intrusions for extortion and is led by a Russian-speaking criminal tracked as LARVA-368. | OPERATION | OPERATION |
| 4.6.26 | Operation FlutterBridge | Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor | OPERATION | OPERATION |
| 30.5.26 | Operation Dragon Weave | Contents Introduction Key Targets Industries Affected Geographical focus Infection Chain Initial Findings Looking into the Decoy Document Technical Analysis Stage 1 – Initial Delivery Path A: LNK-Based Execution Path B: Executable-Based Delivery Stage 2 – Script-Based Dropper Chain Stage... | OPERATION | OPERATION |
| 30.5.26 | Operation XENOFISCAL | Authors: Dixit Panchal & Vaibhav Krushna Billade Table of Contents: Introduction: Key Targets: Infection Chain: Initial Findings about Campaign: Analysis of Decoy: Technical Analysis: Stage 1: Analysis of LNK File. Stage 2: Analysis of HTA/JavaScript Payload Stage 3: Analysis... | OPERATION | OPERATION |
| 26.5.26 | Nimbus Manticore Operations | The Iranian, IRGC affiliated, threat actor Nimbus Manticore resurfaced during Operation Epic Fury, the US military campaign against Iran launched on February 28, 2026, demonstrating newly adopted techniques and enhanced capabilities. | OPERATION | OPERATIONS |
| 23.5.26 | Operation Dragon Whistle | Table of Contents: Introduction: Key Targets: Infection Chain: Initial Findings about Campaign: Analysis of Decoys & Spear phishing Email: Technical Analysis: Stage1: Analysis of LNK File. Stage2: Analysis of VBS. Stage3: DLL Side Loading. Infrastructural Artefacts & Threat actor... | OPERATION | OPERATION |
| 13.5.26 | Operation NoVoice | Operation NoVoice: Android Malware Found in 50+ Apps Can Hijack Devices | OPERATION | OPERATION |
| 9.5.26 | Operation GriefLure | Table of Contents: Introduction: Key Targets: Infection Chain: Initial Findings about Campaign: Analysis of Decoys: Technical Analysis: Campaign-1: Stage-1: Ho so.rar Campaign: 2 Stage-1: download.zip Stage-2: The LNK & Batch file (Common in 1 & 2 both) Stage-3: Analysis | OPERATION | OPERATION |
| 9.5.26 | Operation Silent Rotor | Operation Silent Rotor: Targeted Campaign Compromises Unmanned Aviation Sector Ahead of Moscow Summit Table of Content Introduction Key Targets Industries Affected Geographical focus Infection Chain Initial Findings Looking into the Decoy Documents Technical Analysis Stage 1 – Analysis of... | OPERATION | OPERATION |
| 9.5.26 | Operation HumanitarianBait | Cyble analyzes Operation HumanitarianBait, a stealthy espionage campaign using aid-themed lures to deploy a fileless Python infostealer. | OPERATION | OPERATION |
| 6.5.26 | Iranian-Nexus Operation | Iranian-Nexus Operation Against Oman's Government: 12 Ministries Hit and 26,000 Citizen Records Exposed | OPERATION | OPERATION |
| 25.4.26 | Operation TrustTrap | CRIL uncovered 16,800+ spoofed domains by analyzing URL trust abuse, cloud infra clustering, and human‑centric deception instead of technical exploits. | OPERATION | OPERATION |
| 5.4.26 | Operation NoVoice | Operation NoVoice: Rootkit Tells No Tales | OPERATION | OPERATION |
| 4.4.26 | Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets | Check Point Research identified a zero-day vulnerability in the TrueConf client application, tracked as CVE-2026-3502, with a CVSS score of 7.8. The flaw stems from the abuse of TrueConf’s updater validation mechanism, allowing an attacker who controls the on-premises TrueConf server to distribute and execute arbitrary files across all connected endpoints. | OPERATION | OPERATION |
| 4.4.26 | Operation DualScript – A Multi-Stage PowerShell Malware Campaign Targeting Cryptocurrency and Financial Activity | Operation DualScript – A Multi-Stage PowerShell Malware Campaign Targeting Cryptocurrency and Financial Activity Introduction During our investigation, we identified a multi-stage malware infection leveraging Scheduled Task persistence, VBScript launchers, and PowerShell-based execution. The attack operates through two parallel chains:... | OPERATION | OPERATION |
| 3.4.26 | Multi-Tool Mining Operation | Fake Installers to Monero: A Multi-Tool Mining Operation | OPERATION | OPERATION |
| 21.3.26 | Operation GhostMail | Contents Introduction Key Targets Industries Affected Geographical focus Geopolitical Context Infection Chain Timeline of Activity Initial Findings Looking into the Decoy Documents Technical Analysis Stage 1 – Malicious Archive Delivery Stage 2 – Malicious Shortcut Execution Stage 3 | OPERATION | OPERATION |
| 18.3.26 | LeakNet’s | Casting a Wider Net: ClickFix, Deno, and LeakNet’s Scaling Threat | OPERATION | OPERATION |
| 14.3.26 | Operation CamelClone: Multi-Region Espionage Campaign Targets Government and Defense Entities Amidst Regional Tensions | Contents Introduction Key Targets Industries Affected Geographical focus Geopolitical Context Infection Chain Timeline of Activity Initial Findings Looking into the Decoy Documents Technical Analysis Stage 1 – Malicious Archive Delivery Stage 2 – Malicious Shortcut Execution Stage 3 | OPERATION | OPERATION |
| 5.3.26 | Operation Epic Fury/Roaring Lion | Retaliatory Hacktivist DDoS Activity Following Operation Epic Fury/Roaring Lion | OPERATION | OPERATION |
| 24.2.26 | Operation MacroMaze | Operation MacroMaze: new APT28 campaign using basic tooling and legit infrastructure | OPERATION | OPERATION |
| 23.2.26 | Operation Olalampo | MuddyWater APT has launched a new cyber offensive operation, dubbed Operation Olalampo, deploying new malware variants and leveraging Telegram bots for command-and-control. | OPERATION | OPERATION |
| 3.2.26 | Operation Neusploit | APT28 Leverages CVE-2026-21509 in Operation Neusploit | OPERATION | OPERATION |
| 24.1.26 | Operation DupeHike | Contents Introduction Key Targets. Industries Affected. Geographical Focus. Infection Chain. Initial Findings. Looking into the decoy-document Technical Analysis Stage 1 – Malicious LNK Script Stage 2 – DUPERUNNER Implant Stage 3 – AdaptixC2 Beacon. Infrastructural Artefacts. Conclusion SEQRITE Protection.... | OPERATION | OPERATION |
| 24.1.26 | Operation Covert Access | Table of Contents: Introduction: Infection Chain: Targeted sectors: Initial Findings about Campaign: Analysis of Decoy: Technical Analysis: Stage-1: Analysis of Windows Shortcut file (.LNK). Stage-2: Analysis of Batch file. Stage-3: Details analysis of Covert RAT. Conclusion: Seqrite Coverage: IOCs... | OPERATION | OPERATION |
| 24.1.26 | Operation Nomad Leopard | Contents Introduction Key Targets Industries Affected Geographical focus Infection Chain. Initial Findings Looking into the decoy-document Technical Analysis Stage 1 – Malicious ISO File Stage 2 – Malicious LNK File Stage 3 – Final Payload: FALSECUB Infrastructure & Attribution... | OPERATION | OPERATION |