Chinese state-affiliated group notable for blending espionage with financially-motivated operations (game-industry currency theft, cryptocurrency). Implicated in multiple software supply-chain compro…
Russian-speaking double-extortion crew historically aligned with TA505/FIN11. Specialized in mass exploitation of managed-file-transfer software zero-days: Accellion FTA (2020), GoAnywhere MFT (early…
Chinese state-sponsored intrusion set assessed to operate on behalf of the Ministry of State Security (MSS). Best known for the OPM breach (discovered May 2014, exfiltration through April 2015) — the…
PRC state-sponsored intrusion set named by Microsoft for the January 2021 mass exploitation of on-prem Exchange Server via the ProxyLogon chain (CVE-2021-26855 / -26857 / -26858 / -27065). Hafnium op…