January 2026 APT Group Trends Report
Key APT Groups
Sandworm attempted to destroy OT and IT equipment using DynoWiper after exploiting a vulnerable configuration of FortiGate, targeting at least 30 energy facilities, including wind and solar power plants in Poland, by the end of December 2025. They directly damaged RTUs, IEDs, and serial devices
October 2025 APT Group Trends
Trends of Key APT Groups by Region
1) North Korea
North Korea-affiliated cyber threat groups have stolen cryptocurrency and credentials, and have performed reconnaissance and remote control attacks through various malware and operations. They used Node.js-based malware and a multi-stage infection chain to target both Windows and macOS environments. Through their
Threat Trend Report on APT Groups – April 2024
Major Issues on APT Groups
The cases of major APT groups for April 2024 gathered from materials made public by security companies and institutions are as follows.
1) APT28 (Forest Blizzard)
Microsoft Threat Intelligence released the results of the investigation on the activities of APT28, a Russia-based threat actor.[1] This group has been

