APT40

APT40 is a China-aligned advanced persistent threat (APT) group known for long-term cyber espionage campaigns targeting maritime, defense, academic, and government organizations, particularly across the Indo-Pacific region.

RomCom APT

RomCom, also known as Void Rabisu or Storm-0978, is a Russia-aligned advanced persistent threat active since 2022. The group is known for combining espionage-driven operations with opportunistic financial activity, leveraging zero-day exploits, sophisticated phishing infrastructure, and stealthy malware to target NATO-aligned governments and defense sectors.

Silent Chollima: North Korea’s Dual-Track Cyber Weapon

Silent Chollima (APT45), also known as Onyx Sleet, is a North Korea–linked threat actor operating at the intersection of cyber espionage and financially motivated attacks. Active since 2013, the group targets healthcare, defense, critical infrastructure, and cryptocurrency organizations using credential theft, ransomware, and stealthy cloud-based persistence techniques.

OilRig: Iran’s Persistent Espionage Arm in Cyberspace

OilRig, also known as APT34 or Helix Kitten, is one of Iran’s most persistent cyber espionage groups. Active since 2014, the group targets energy, defense, and government organizations using spearphishing, cloud credential abuse, and long-term access operations across the Middle East and Europe.