Cyber Threat Intelligence

Threat Reports

Explore the latest cyber threat reports published by threat researchers and government agencies.

Report

Silk Typhoon targeting IT supply chain

Silk Typhoon is a sophisticated Chinese state-sponsored espionage group tracked by Microsoft Threat Intelligence. The group has been identified as ...

Report

Weathering the storm: In the midst of a Typhoon

Salt Typhoon is a highly sophisticated threat actor targeting the telecommunications sector, as detailed in this report from Cisco Talos. ...

Report

From South America to Southeast Asia: The Fragile Web of REF7707

REF7707 is an advanced and persistent threat actor tracked by Elastic Security Labs. The group has been observed actively targeting the foreign ...

Report

The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation

This blog post by Microsoft Threat Intelligence describes the Seashell Blizzard intrusion set and specifically the BadPilot campaign. According to ...

Cyber Incidents

Explore cyber incidents which have been reported publicly.

Incident

2016 cyber attack against power transmission in Ukraine

2016-12-17

Incident

Operation ShadowHammer Supply Chain Incident

2019-01-31

Incident

2015 cyber attack against power distribution in Ukraine

2015-12-23

Incident

Summer 2023 Microsoft Exchange Online Intrusion

2023-05-15

Intrusion Sets

Understand the tactics, techniques and procedures (TTPs) of cyber adversaries operating in the wild.

IntrusionSet

Seashell Blizzard

Seashell Blizzard is an intrusion set tracked by Microsoft that has been active since at least 2013 and is known for its high-impact cyber ...

IntrusionSet

REF7707

REF7707 is an intrusion set tracked by Elastic Security Labs. According to researchers, the group is a highly capable, novel intrusion set with ...

IntrusionSet

RedJuliett

RedJuliett is a likely Chinese state-sponsored cyber threat actor tracked by Recorded Future. primarily engaged in cyber-espionage activities ...

IntrusionSet

Night Dragon

Night Dragon is a threat identified by McAfee in 2011 and reported as being active since at least 2009. McAfee describe the associated activity as ...

Threat Actors

Understand the tactics, techniques and procedures (TTPs) of real-world cyber threat actors.

ThreatActor

North Korean Reconnaissance General Bureau 3rd Bureau

North Korea's Reconnaissance General Bureau (RGB) 3rd Bureau is reported by the FBI and other international agencies as an entity based in ...

ThreatActor

Hainan Xiandun Technology Development Company

According to the US Department of Justice, Hainan Xiandun Technology Development Co. Ltd (Hainan Xiandun) was established as a front company by ...

ThreatActor

People’s Liberation Army (PLA) Unit 69010

According to analysis by Recorded Future, Unit 69010 is likely the Military Unit Cover Designator (MUCD) for a Technical Reconnaissance Bureau ...

ThreatActor

Hainan State Security Department

According to the US Department of Justice, Hainan State Security Department (HSSD) is a provincial arm of China’s Ministry of State Security ...

Exploited Vulnerabilities

Explore vulnerabilities which have been exploited 'in the wild'.

CVE

CVE-2025-24989

CVE

CVE-2025-24200

CVE

CVE-2025-24085

CVE

CVE-2025-23209