Sharpening the knife: GOLD BLADE’s strategic evolution
Updates include novel abuse of recruitment platforms, modified infection chains, and expansion into a hybrid operation that combines data theft and ransomware deployment
Similar Posts
Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools
Bys sA Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talos to an activity cluster it tracks as UAT-7237, which is believed to be active…
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign
Bys sThreat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics. “Unusually for macOS malware, the threat actors employ a process injection technique and remote communications via wss, the TLS-encrypted version of the WebSocket protocol,”
Site Behind Major SSN Leak Returns With Detailed Data on Millions: How to Opt Out
Bys sMichael Kan reports: National Public Data, a website infamous for its role in leaking millions of Social Security numbers last year, has returned with the ability to look up anyone’s personal information. The site shut down in December amid a wave of lawsuits against parent company Jericho Pictures after a breach exposed an estimated 272 million unique SSNs and……
NIST Publishes Preliminary Draft of Cybersecurity Framework Profile for Artificial Intelligence for Public Comment
Bys sCaleb Skeath, Micaela McMurrough, Alexandra Bruer, and Bryan Ramirez of Covington and Burling write: On December 16, 2025, the U.S. National Institute of Standards and Technology (“NIST”) published a preliminary draft of the Cybersecurity Framework Profile for Artificial Intelligence (“Cyber AI Profile” or “Profile”). According to the draft, the Cyber AI Profile is intended to “provide guidelines……
Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager
Bys sCybersecurity researchers are warning of a “significant spike” in brute-force traffic aimed at Fortinet SSL VPN devices. The coordinated activity, per threat intelligence firm GreyNoise, was observed on August 3, 2025, with over 780 unique IP addresses participating in the effort. As many as 56 unique IP addresses have been detected over the past 24…
“In the most expedient time possible…”
Bys sRegular readers have probably noticed that DataBreaches tends to get a tad sarcastic when entities claim they are notifying us of a “recent” breach, but that “recent” breach was quite a while ago. Although some state notification laws set specific deadlines for notification in the event of a breach, many states merely require notification “in……