APT
MuddyWater Wears Chaos Ransomware as a Disguise — Teams Screen-Sharing Funnels Iranian Espionage Through Fake Extortion
Rapid7 attributes a Chaos-branded ransomware intrusion to Iran's MuddyWater. No files were ever encrypted — the ransom note was cover for Stagecomp/Darkcomp espionage delivered via Microsoft Teams screen-share.
North Korea's Contagious Interview Campaign Hits 1,700 Malicious Packages Across Five Ecosystems
DPRK-linked Contagious Interview operation now spans npm, PyPI, Go Modules, crates.io, and Packagist with 1,700+ poisoned packages delivering BeaverTail and InvisibleFerret malware.
Storm-1175 Chains Zero-Days to Deploy Medusa Ransomware in Under 24 Hours
Microsoft exposes Storm-1175 as a primary Medusa ransomware affiliate, weaponizing zero-days in SmarterMail and GoAnywhere MFT with sub-24-hour dwell times.
TrueConf Zero-Day Weaponized by Chinese-Nexus APT to Backdoor Southeast Asian Governments
Operation TrueChaos exploited CVE-2026-3502 in TrueConf's update mechanism to push Havoc C2 payloads across government networks via a compromised on-premises server.