Threat Intelligence · Global monitoring

Hujumlar Bazasi

APT kampaniyalari, ransomware hujumlari va global kibertahdidlar ma'lumotlar bazasi

Jami hujumlar

0

Kritik

0

APT guruhlar

0

Davlatlar

0

// LIVE THREAT FEED

Hammasi 💀 Ransomware 🌊 DDoS 🔗 Ta'minot zanjiri 🕵️ APT 🗃️ Ma'lumot sizintisi 🎣 Fishing ⚡ Zero-day 📌 Boshqa

Kritik Yuqori O'rtacha Past

3CX Supply Chain Attack

🔗 Ta'minot zanjiriYuqori

The 3CX Supply Chain Attack was the first publicly reported case of one supply chain compromise triggering another, leading to a cascading, two-stage intrusion. The initial supply chain attack began when a 3CX employee downloaded and executed a trojanized, end-of-life version of the X_Trader trading software from Trading Technologies. This provided UNC4736, a threat cluster associated with AppleJeus, access to the 3CX environment. From there UNC4736 compromised the Windows and macOS build environments used to distribute the 3CX desktop application to their customers. While 3CX serves more than 600,000 customers and 12 million users, only a subset of systems were affected. Subsequent targeting focused on victims in the defense and cryptocurrency sectors, where attackers deployed secondary payloads such as Gopuram for credential theft and persistence. The campaign began in late 2022 and was disrupted after security vendors publicly reported the compromise in March 2023.

👤3CX Supply Chain Attack🎯Umumiy25-avg, 2025

Daggerfly

🔗 Ta'minot zanjiriYuqori

Daggerfly is a People's Republic of China-linked APT entity active since at least 2012. Daggerfly has targeted individuals, government and NGO entities, and telecommunication companies in Asia and Africa. Daggerfly is associated with exclusive use of MgBot malware and is noted for several potential supply chain infection campaigns.

👤Daggerfly🎯Umumiy25-iyl, 2024

PyPI Supply Chain Attack — W4SP Stealer

🔗 Ta'minot zanjiriYuqori

Malicious Python packages uploaded to PyPI delivered W4SP stealer targeting developer credentials, crypto wallets and Discord tokens.

👤Noma'lum📍Noma'lum→ Butun dunyo🎯IT, Dasturiy ta'minot1-noy, 2022

Elderwood

🔗 Ta'minot zanjiriYuqori

Elderwood is a suspected Chinese cyber espionage group that was reportedly responsible for the 2009 Google intrusion known as Operation Aurora. The group has targeted defense organizations, supply chain manufacturers, human rights and nongovernmental organizations (NGOs), and IT service providers.

👤Elderwood🎯Umumiy18-apr, 2018

OilRig

🔗 Ta'minot zanjiriYuqori

OilRig is a suspected Iranian threat group that has targeted Middle Eastern and international victims since at least 2014. The group has targeted a variety of sectors, including financial, government, energy, chemical, and telecommunications. It appears the group carries out supply chain attacks, leveraging the trust relationship between organizations to attack their primary targets. The group works on behalf of the Iranian government based on infrastructure details that contain references to Iran, use of Iranian infrastructure, and targeting that aligns with nation-state interests.

👤OilRig🎯Umumiy14-dek, 2017