ABOUT

VISIT SENTINELONE.COM

Advanced Persistent Threat

25 MKTG Comms Blog 022 Generic LABS Blog Images 07

Advanced Persistent Threat

macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware

Phil Stokes & Raffaele Sabato / July 2, 2025

NimDoor shows how threat actors are continuing to explore cross-platform languages that introduce new levels of complexity for analysts.

China TopTier Header 1600x900

Advanced Persistent Threat

Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets

Aleksandar Milenkoski & Tom Hegel / June 9, 2025

This report uncovers a set of related threat clusters linked to PurpleHaze and ShadowPad operators targeting organizations, including cybersecurity vendors.

Op Digital Eye Ftr

Advanced Persistent Threat

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

Aleksandar Milenkoski & Luigi Martire (Tinexta Cyber) / December 10, 2024

Threat actors abused Visual Studio Code and Microsoft Azure infrastructure to target large business-to-business IT service providers in Southern Europe.

BNThief Feature

Advanced Persistent Threat

BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence

Raffaele Sabato, Phil Stokes & Tom Hegel / November 7, 2024

SentinelLABS has observed a suspected DPRK threat actor targeting Crypto-related businesses with novel multi-stage malware.

ChamelGang Ftr 5

Advanced Persistent Threat

ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware

Aleksandar Milenkoski & Julian-Ferdinand Vögele (Recorded Future) / June 26, 2024

Threat actors in the cyberespionage ecosystem are using ransomware for financial gain, disruption, distraction, misattribution, and the removal of evidence.

I Soons Data Breach The Leak That Revealed Chinas Cyber Operations 5

Advanced Persistent Threat

Unmasking I-Soon | The Leak That Revealed China’s Cyber Operations

Dakota Cary & Aleksandar Milenkoski / February 21, 2024

The I-Soon leak reveals the maturing nature of China’s cyber espionage and a competitive hacker marketplace driven by government demands.

A Glimpse Into Future ScarCruft Campaigns Attackers Gather Strategic Intelligence And Target Cybersecurity Professionals 20

Advanced Persistent Threat

ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals

Aleksandar Milenkoski & Tom Hegel / January 22, 2024

New ScarCruft activity suggests the adversary is planning to target cybersecurity professionals and businesses.

Sandman APT China Based Adversaries Embrace Lua 19

Advanced Persistent Threat

Sandman APT | China-Based Adversaries Embrace Lua

Aleksandar Milenkoski / December 11, 2023

SentinelLABS, Microsoft, and PwC threat intelligence researchers provide attribution-relevant information on the Sandman APT cluster.

Elephant Hunting Inside An Indian Hack For Hire Group 9

Advanced Persistent Threat

Elephant Hunting | Inside an Indian Hack-For-Hire Group

Tom Hegel / November 16, 2023

Exploring the technical intricacies of Appin, a hack-for-hire group, revealing confirmed attribution and global threat activity, both old and new.

Arid Viper APTs Nest Of SpyC23 Malware Continues To Target Android Devices 1

Advanced Persistent Threat

Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices

Alex Delamotte / November 6, 2023

Hamas-aligned threat actor delivers spyware through weaponized apps posing as Telegram or Skipped messenger.

1 2 3 4

Next

Search

Search ...

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Recent Posts

macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware
July 2, 2025
Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets
June 9, 2025
FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network
May 8, 2025

Labs Categories

Crimeware
Security Research
Advanced Persistent Threat
Adversary
LABScon
Security & Intelligence

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Recent Posts

Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets
June 9, 2025
FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network
May 8, 2025
Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries
April 28, 2025

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Twitter
LinkedIn

©2025 SentinelOne, All Rights Reserved.