QuaDream's spyware has been used in hacks against journalists, political dissidents and non-government organization workers in North America, Central Asia, Europe and the Middle East.
The Winter Vivern APT group is now targeting government agencies and diplomats from the United States and European countries.
Two versions of the 3CX Windows electron app were compromised in a targeted supply chain attack, and researchers have connected it to a North Korean attack group.
Two threat groups have been identified deploying a new variant of the IcedID malware, which often is seen in conjunction with Emotet.
By looking at metadata in LNK files in recent campaigns, Talos researchers have linked the Bumblebee malware with the Qakbot and IcedID malware groups.