Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

EchoCreep, which uses Discord for C&C communication, and GraphWorm, which uses Microsoft Graph API for the same purpose. The ...

Microsoft says Storm-2949 used one hacked identity to infiltrate cloud systems, steal sensitive data, and spread across Azure ...

The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.

ESET Research uncovered and analyzed the latest activities and arsenal of China-aligned Webworm advanced persistent threat (APT) group. In 2025, the group started employing backdoors that use Discord ...

Microsoft says Storm-2949 targets Microsoft 365 and Azure environments using MFA abuse, password resets, and cloud data theft ...

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...

Google followed its Cloud Next '26 Gemini Enterprise Agent Platform rollout and its Antigravity CLI transition with a broader I/O 2026 agent-development stack spanning Agent Studio, Managed Agents API ...

China-linked Webworm APT expands beyond Asia, targeting European government organizations and refining its cyber espionage ...

Google just unveiled a new family of models for Gemini at its annual Google I/O developers conference: Gemini 3.5. The first ...

Google's Managed Agents API collapses agent deployment into one API call, handing Google control of the execution layer — a tradeoff enterprises must weigh.

We independently review everything we recommend. When you buy through our links, we may earn a commission. Learn more› By Rose Maura Lorre Rose Maura Lorre is a writer who has reported on turkey ...