#APT
8 stories taggedAPT.

ToddyCat's New Umbrij Malware Pulls Gmail Straight From Google's API
Kaspersky ties the China-nexus crew to a Gmail-siphoning tool that skips the browser and talks to Google directly.

SharkLoader Drops Cobalt Strike on Asian Government Targets in 'StrikeShark' Campaign
A previously undocumented loader is being used against a diplomatic office in Indonesia and government bodies in Taiwan, with operators staging Cobalt Strike Beacon as the final payload.

Turla's STOCKSTAY: A Fresh .NET Backdoor Aimed at Kyiv and Rome
Google's threat hunters tie the Russian FSB-linked crew to a previously undocumented Windows implant hitting Ukrainian military targets and Italy-focused diplomatic entities.

Briefing: Apple Fixes Beats Bug, GCP Config Connector Flaw Enables Account Takeover, Velvet Ant's Decade in the Shadows
A Bluetooth eavesdropping patch, a quietly dangerous GCP misconfiguration vulnerability, and a threat actor that spent ten years undetected — here's what you may have missed.

Velvet Ant Lived Inside PAM and OpenSSH for Nearly Ten Years
A China-nexus crew skipped the endpoints defenders actually watch and backdoored the Linux login stack itself, where IR runbooks rarely reach.

FBI Dismantles 13 Sites Tied to Chinese Influence Operation Targeting Cleared US Personnel
The seized domains posed as consulting firms advertising jobs — a tradecraft pattern consistent with state-directed recruitment campaigns against intelligence community insiders.

Five Eyes Warns: Chinese Intelligence Officers Posing as Recruiters to Harvest Government Secrets
A joint advisory flags a persistent social engineering campaign targeting personnel with access to classified material — fake job offers, real espionage.

Lithuania Probes Foreign Hand in Leak of 600,000-Plus National Register Records
Lithuanian authorities suspect state-linked actors after a data breach exposed more than 600,000 entries from government population and registration databases.