Hazy Tiger is a South Asia-linked APT group active since 2013, targeting government, defense, and energy sectors through sophisticated espionage campaigns involving phishing, malware, and custom backdoors.
Razor Tiger (APT-C-17), also known as SideWinder, is a long-standing India-linked APT group active since 2012. Its evolving espionage campaigns now target South Asian governments, defense, and infrastructure using advanced malware and living-off-the-land tactics.
UNC4841, also known as SLIME57, is a China-linked APT group active since 2021, conducting cyber-espionage across government, defense, and tech sectors. Exploiting zero-day vulnerabilities and maintaining strong OPSEC, UNC4841 remains one of the most sophisticated and persistent espionage threats through 2025.
Ghostwriter, a Belarus/Russia-linked APT active since 2016, executes hybrid campaigns combining espionage, phishing, and disinformation against NATO and EU entities. Learn how these operations evolved into one of the most strategic influence threats in Eastern Europe.
GhostEmperor is a China-linked APT active since 2019, leveraging stealthy rootkits like Demodex to conduct espionage across Asia, the Middle East, and Africa. Known for its persistence and alignment with Beijing’s geopolitical interests, it remains a major cyber threat in 2025.
Earth Estries is a China-linked APT group active since the early 2020s, known for espionage campaigns targeting global governments, research institutions, and critical infrastructure. By 2025, the group’s activities have expanded worldwide, representing a major state-sponsored cyber threat aligned with Beijing’s geopolitical ambitions.
The Lazarus Group — a North Korea–linked APT — has executed some of the most disruptive cyberattacks in modern history. From Sony Pictures to billion-dollar crypto thefts, learn how this state-sponsored adversary continues to evolve and what defenses organizations can apply today.
Larva208 has rapidly emerged as one of the most alarming Russia-aligned hybrid threat actors, merging financial cybercrime with espionage campaigns targeting European and NATO-affiliated organizations.
Silent Lynx is a newly identified APT group operating from Central Asia with a focus on espionage. Using spear-phishing, PowerShell, and Golang implants, the group targets governments and financial institutions across the region.
SilverFox APT is rapidly evolving into one of 2025’s most dangerous cyber threat actors. Combining espionage with financial motives, it exploits edge devices, cloud identities, and supply chains to infiltrate governments and enterprises worldwide.