780th Military Intelligence Brigade (Cyber)
@780thmibdecyber.bsky.social
Official Bluesky page of the 780th Military Intelligence Brigade (Cyber). The Army's only offensive cyberspace operations brigade (following, re-posts, and links ≠ endorsement).
Pinned
"Ubique Et Semper In Pugna" Latin for "Everywhere and always fighting" – We don't talk about what we do nor who we are in a cyber 'knife fight' with; however, we are "Everywhere and Always...In the Fight!" We are the only offensive cyberspace operations brigade in the U.S. Army.
LABScon25 Replay | Simulation Meets Reality: How China’s Cyber Ranges Fuel Cyber Operations
November 25, 2025, Sentinel Labs
www.sentinelone.com/labs/labscon...
Mei Danowski & Eugenio Benincasa unpack how Chinese firms running attack-defense exercises fuel state-linked offensive cyber operations.
www.sentinelone.com
November 26, 2025 at 1:04 PM
Zscaler Threat Hunting Discovers and Reconstructs a Sophisticated Water Gamayun APT Group Attack | Water Gamayun is a Russia-aligned APT group known for targeting enterprise and government networks with stealthy information-stealing campaigns. www.zscaler.com/blogs/securi... @zscalerinc.bsky.social
In-Depth Analysis: Water Gamayun APT Multi-Stage Attack Uncovered
Zscaler Threat Hunting team analyzes Water Gamayun APT’s multi-stage attack exploiting MMC, fake PDFs, and obfuscation to deliver hidden malware.
www.zscaler.com
November 26, 2025 at 12:57 PM
How North Korea Has Bolstered Russia’s War in Ukraine
November 25, 2025, Council on Foreign Relations
www.cfr.org/article/how-...
@cfr.org
North Korean troops and weapons have played an unexpectedly crucial role in sustaining Russia’s grinding military campaign in Ukraine. In exchange, Pyongyang has been able to upgrade its outdated Sov…
www.cfr.org
November 26, 2025 at 12:27 PM
Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine
November 25, 2025, Arctic Wolf Labs
arcticwolf.com/resources/bl...
@awnetworks.bsky.social
Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine - Arctic Wolf
Arctic Wolf Labs recently identified a U.S.-based company that was targeted by the Russian-aligned threat group RomCom via SocGholish, operated by TA569. This is the first time that a RomCom payload h...
arcticwolf.com
November 26, 2025 at 12:23 PM
Report Explanation| MSMT: The DPRK’s Violation and Evasion of UN Sanctions through Cyber and Information Technology Worker Activities
November 25, 2025, Medium
slowmist.medium.com/explanation-...
Explanation| MSMT: The DPRK’s Violation and Evasion of UN Sanctions via Cyber and IT Worker…
This article offers excerpts to help readers quickly grasp evolving cyber threats and enhance awareness.
slowmist.medium.com
November 26, 2025 at 11:56 AM
Jamf Threat Labs: FlexibleFerret malware continues to strike | This malware family is attributed to DPRK-aligned operators and tied to fake recruitment lures associated with the Contagious Interview operation.
www.jamf.com/blog/flexibl...
FlexibleFerret: macOS Malware Deploys in Fake Job Scams
Jamf Threat Labs analyzes the FlexibleFerret macOS malware, a threat that uses fake recruitment lures and social engineering to infect systems and steal credentials.
www.jamf.com
November 26, 2025 at 11:49 AM
Eroding Global Stability: The Cybersecurity Strategies Of China, Russia, North Korea, And Iran
November 26, 2025, Small Wars Journal | essay by Evan Morgan
smallwarsjournal.com/2025/11/26/c...
Eroding Global Stability: The Cybersecurity Strategies Of China, Russia, North Korea, And Iran | Small Wars Journal by Arizona State University
China, Russia, North Korea, and Iran are reshaping the cyber domain through collaboration and irregular tactics. This article explores how their cybersecurity strategies challenge NATO, the U.S., and ...
smallwarsjournal.com
November 26, 2025 at 11:36 AM
Morphisec Thwarts Russian-Linked StealC V2 Campaign Targeting Blender Users via Malicious
November 24, 2025, Morphisec
www.morphisec.com/blog/morphis...
Morphisec Thwarts Russian-Linked StealC V2 Campaign Targeting Blender Users via Malicious .blend Files | Morphisec Blog
In this threat analysis, Morphisec researchers detail a Russian-linked Steal C campaign, its attack path and complete infrastructure.
www.morphisec.com
November 25, 2025 at 1:20 PM
The Cybersecurity and Infrastructure Security Agency (CISA): Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications | www.cisa.gov/news-events/...
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications | CISA
www.cisa.gov
November 25, 2025 at 1:17 PM
To China's war planners, AI is just another thing to deceive
November 24, 2025, Defense One
www.defenseone.com/threats/2025...
@defenseone.bsky.social
The People’s Liberation Army is prepping for battles in which AIs work to distort each others' reality.
www.defenseone.com
November 25, 2025 at 1:12 PM
Threat Intelligence Report: APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and Domestic Iranian Targets | dti.domaintools.com/threat-intel... @domaintools.bsky.social
Threat Intelligence Report: APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and Domestic Iranian Targets - DomainTools Investigations | DTI
Unmasking APT35 (Charming Kitten). New report analyzes leaked internal documents, revealing their operational profile, Exchange attack chains (ProxyShell, EWS), and quota-driven compromise strategies.
dti.domaintools.com
November 24, 2025 at 1:33 PM
Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs | thehackernews.com/2025/11/chin... @thehackernews.bsky.social
Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs
CrowdStrike shows Chinese AI DeepSeek-R1 quietly weakens code security when prompts mention Tibet, Uyghurs, or Falun Gong.
thehackernews.com
November 24, 2025 at 1:30 PM
A U.S. government cable said that Kremlin-run outlets had scaled up their efforts across Latin America, seeking to turn people against the United States and garner support for Russia. www.nytimes.com/2025/11/24/w... @nytimes.com
Russian Disinformation Comes to Mexico, Seeking to Rupture U.S. Ties
www.nytimes.com
November 24, 2025 at 12:05 PM
This week Validin began tracking a new variant of the DPRK-linked Contagious Interview operation, an illicit job-platform campaign designed to socially engineer and compromise people seeking jobs in a variety of roles | www.validin.com/blog/inside_...
Inside DPRK’s Fake Job Platform Targeting U.S. AI Talent | Validin
www.validin.com
November 21, 2025 at 12:21 PM
Google Threat Intelligence Group (GTIG) is tracking a long-running and adaptive cyber espionage campaign by APT24, a People's Republic of China (PRC)-nexus threat actor. cloud.google.com/blog/topics/... @newsfromgoogle.bsky.social
APT24's Pivot to Multi-Vector Attacks | Google Cloud Blog
PRC-nexus APT24 uses BADAUDIO malware in a persistent, multi-vector espionage campaign targeting Taiwan.
cloud.google.com
November 21, 2025 at 12:02 PM
Gen Threat Labs uncover evidence of rare cross-country coordination between Russia’s Gamaredon and North Korea’s Lazarus | www.gendigital.com/blog/insight...
Alliances of convenience: How APTs are beginning to work together
www.gendigital.com
November 21, 2025 at 11:55 AM
U.S. Citizens and Chinese Nationals Arrested for Exporting Artificial Intelligence Technology to China
November 20, 2025, U.S. Department of Justice
www.justice.gov/opa/pr/us-ci... @thejusticedept.govmirrors.com
Two U.S. citizens and two nationals of the People’s Republic of China (PRC)—all residing in the United States—have been charged with a conspiracy to illegally export cutting-edge NVIDIA Graphics Proce...
www.justice.gov
November 21, 2025 at 11:38 AM
Chinese use of Claude AI for hacking will drive demand for AI cyber defense, say experts
November 20, 2025, Breaking Defense
breakingdefense.com/2025/11/chin... @breakingdefense.com
Chinese use of Claude AI for hacking will drive demand for AI cyber defense, say experts - Breaking Defense
“We’re now going to see agentic cyber defenses deployed against agentic cyber attacks,” said Lt. Gen. Jack Shanahan, founder of the Pentagon’s Joint Artificial Intelligence Center.
breakingdefense.com
November 21, 2025 at 11:35 AM
Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) | ShadowPad is a backdoor malware used by numerous Chinese APT groups. AhnLab Security intelligence Center (ASEC) asec.ahnlab.com/en/91166/
Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) - ASEC
asec.ahnlab.com
November 20, 2025 at 12:56 PM
NSA Joins CISA and Others to Release Guidance on Mitigating Malicious Activity from Bulletproof Hosting Provider Infrastructure
November 19, 2025, NSA/CSS
www.nsa.gov/Press-Room/P...
www.nsa.gov
November 20, 2025 at 12:03 PM
Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router
November 19, 2025, SecurityScorecard
securityscorecard.com/blog/operati...
@securityscorecard.bsky.social
SecurityScorecard’s STRIKE team uncovers how attackers turned thousands of ASUS routers into a worldwide spy network.
securityscorecard.com
November 20, 2025 at 11:51 AM
Autumn Dragon: China-nexus APT Group Targets South East Asia
November 18, 2025, CyberArmor
cyberarmor.tech/blog/autumn-...
In this report, we describe how we tracked for several months a sustained espionage campaign against the government, media, and news sectors in several countries including Laos, Cambodia, Singapore, t...
cyberarmor.tech
November 20, 2025 at 11:43 AM
Army's Information Vanguard: 1st TIAD Activation Signals Strategic Shift
November 19, 2025, 1st Theater Information Advantage Detachment | PACOM
www.pacom.mil/Media/NEWS/N...
www.pacom.mil
November 20, 2025 at 11:28 AM
New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare
November 19, 2025, Amazon Web Services
aws.amazon.com/blogs/securi... @awscloud.bsky.social
New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare | Amazon Web Services
The new threat landscape The line between cyber warfare and traditional kinetic operations is rapidly blurring. Recent investigations by Amazon threat intelligence teams have uncovered a new trend tha...
aws.amazon.com
November 20, 2025 at 11:09 AM
Hackathon V – A cyber and computer challenge event for young people www.dvidshub.net/news/551717/...
This is the 5th year the 780th Military Intelligence Brigade (Cyber) hosted Hackathon, a program intended to encourage teen interest in cybersecurity @ARCYBER @USArmy credit to MC3 Wanous
November 19, 2025 at 5:31 PM