Void Manticore is an Iran-aligned APT group conducting hybrid cyber operations, destructive wiper attacks, and politically motivated leak campaigns targeting Israel, NATO members, NGOs, and critical infrastructure sectors.
Sandworm (APT44) is Russia’s most destructive state-sponsored cyber unit. Known for NotPetya, Industroyer, and AcidPour, the group targets critical infrastructure across Ukraine, NATO states, and Europe, combining cyber sabotage with military objectives.
APT37 (Famous Chollima) remains one of North Korea’s most active and adaptive cyberespionage groups. This analysis highlights their 2025 evolution—cloud persistence, AI-driven social engineering, new RAT variants, and global targeting across governments, defense, research, and policy organizations.
SilverFox APT is rapidly evolving into one of 2025’s most dangerous cyber threat actors. Combining espionage with financial motives, it exploits edge devices, cloud identities, and supply chains to infiltrate governments and enterprises worldwide.
APT41 is one of China’s most versatile APT groups, combining espionage, large-scale supply chain compromises, and financially motivated intrusions targeting telecom, government, and technology sectors worldwide.
APT36 is a Pakistan-linked APT group active since 2013, known for targeting government, military, and research sectors with phishing, RATs, and Android spyware.
APT28 (Fancy Bear) is one of the most aggressive and persistent Russian state-linked APT groups, known for cyber espionage, Outlook exploits, election interference, and high-impact operations against NATO, the EU, and global institutions. This report outlines the group’s TTPs, evolution, and 2025 threat relevance.
Scattered Spider (UNC3944/Octo Tempest) is one of the most dangerous financially motivated APT groups active in 2025. Known for large-scale social engineering, SIM swapping, Spectre RAT operations, and hypervisor-level DragonForce ransomware, the group continues to target airlines, SaaS, telecom, retail, and financial organizations across Western regions.
APT33, also known as Elfin or Refined Kitten, is Iran’s long-running cyber-espionage group targeting global defense, energy, and aerospace sectors with evolving tactics and tools.