780th Military Intelligence Brigade (Cyber)
@780thmibdecyber.bsky.social
Official Bluesky page of the 780th Military Intelligence Brigade (Cyber). The Army's only offensive cyberspace operations brigade (following, re-posts, and links ≠ endorsement).
Pinned
"Ubique Et Semper In Pugna" Latin for "Everywhere and always fighting" – We don't talk about what we do nor who we are in a cyber 'knife fight' with; however, we are "Everywhere and Always...In the Fight!" We are the only offensive cyberspace operations brigade in the U.S. Army.
This week Validin began tracking a new variant of the DPRK-linked Contagious Interview operation, an illicit job-platform campaign designed to socially engineer and compromise people seeking jobs in a variety of roles | www.validin.com/blog/inside_...
Inside DPRK’s Fake Job Platform Targeting U.S. AI Talent | Validin
www.validin.com
November 21, 2025 at 12:21 PM
Google Threat Intelligence Group (GTIG) is tracking a long-running and adaptive cyber espionage campaign by APT24, a People's Republic of China (PRC)-nexus threat actor. cloud.google.com/blog/topics/... @newsfromgoogle.bsky.social
APT24's Pivot to Multi-Vector Attacks | Google Cloud Blog
PRC-nexus APT24 uses BADAUDIO malware in a persistent, multi-vector espionage campaign targeting Taiwan.
cloud.google.com
November 21, 2025 at 12:02 PM
Gen Threat Labs uncover evidence of rare cross-country coordination between Russia’s Gamaredon and North Korea’s Lazarus | www.gendigital.com/blog/insight...
Alliances of convenience: How APTs are beginning to work together
www.gendigital.com
November 21, 2025 at 11:55 AM
U.S. Citizens and Chinese Nationals Arrested for Exporting Artificial Intelligence Technology to China
November 20, 2025, U.S. Department of Justice
www.justice.gov/opa/pr/us-ci... @thejusticedept.govmirrors.com
Two U.S. citizens and two nationals of the People’s Republic of China (PRC)—all residing in the United States—have been charged with a conspiracy to illegally export cutting-edge NVIDIA Graphics Proce...
www.justice.gov
November 21, 2025 at 11:38 AM
Chinese use of Claude AI for hacking will drive demand for AI cyber defense, say experts
November 20, 2025, Breaking Defense
breakingdefense.com/2025/11/chin... @breakingdefense.com
“We’re now going to see agentic cyber defenses deployed against agentic cyber attacks,” said Lt. Gen. Jack Shanahan, founder of the Pentagon’s Joint Artificial Intelligence Center.
breakingdefense.com
November 21, 2025 at 11:35 AM
Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) | ShadowPad is a backdoor malware used by numerous Chinese APT groups. AhnLab Security intelligence Center (ASEC) asec.ahnlab.com/en/91166/
asec.ahnlab.com
November 20, 2025 at 12:56 PM
NSA Joins CISA and Others to Release Guidance on Mitigating Malicious Activity from Bulletproof Hosting Provider Infrastructure
November 19, 2025, NSA/CSS
www.nsa.gov/Press-Room/P...
www.nsa.gov
November 20, 2025 at 12:03 PM
Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router
November 19, 2025, SecurityScorecard
securityscorecard.com/blog/operati...
@securityscorecard.bsky.social
SecurityScorecard’s STRIKE team uncovers how attackers turned thousands of ASUS routers into a worldwide spy network.
securityscorecard.com
November 20, 2025 at 11:51 AM
Autumn Dragon: China-nexus APT Group Targets South East Asia
November 18, 2025, CyberArmor
cyberarmor.tech/blog/autumn-...
In this report, we describe how we tracked for several months a sustained espionage campaign against the government, media, and news sectors in several countries including Laos, Cambodia, Singapore, t...
cyberarmor.tech
November 20, 2025 at 11:43 AM
Army's Information Vanguard: 1st TIAD Activation Signals Strategic Shift
November 19, 2025, 1st Theater Information Advantage Detachment | PACOM
www.pacom.mil/Media/NEWS/N...
www.pacom.mil
November 20, 2025 at 11:28 AM
New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare
November 19, 2025, Amazon Web Services
aws.amazon.com/blogs/securi... @awscloud.bsky.social
The new threat landscape The line between cyber warfare and traditional kinetic operations is rapidly blurring. Recent investigations by Amazon threat intelligence teams have uncovered a new trend tha...
aws.amazon.com
November 20, 2025 at 11:09 AM
Hackathon V – A cyber and computer challenge event for young people www.dvidshub.net/news/551717/...
This is the 5th year the 780th Military Intelligence Brigade (Cyber) hosted Hackathon, a program intended to encourage teen interest in cybersecurity @ARCYBER @USArmy credit to MC3 Wanous
November 19, 2025 at 5:31 PM
‘We are under attack’: Italian defense minister accuses Russia of waging hybrid war
November 18, 2025, Politico
www.politico.eu/article/ital... @politico.eu
It is “absurd” that there is so little reaction, wrote Defense Minister Guido Crosetto.
www.politico.eu
November 19, 2025 at 11:55 AM
Poland says 2 Ukrainians working for Russia are suspected in railway track blast | Western officials have accused Russia and its proxies of staging dozens of attacks and other incidents across Europe since the invasion of Ukraine. apnews.com/article/pola... @apnews.com
Polish Prime Minister Donald Tusk says two Ukrainian citizens working for Russia are suspected of blowing up a railway line in Poland.
apnews.com
November 19, 2025 at 11:55 AM
ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks | www.welivesecurity.com/en/eset-rese... @esetofficial.bsky.social
PlushDaemon compromises network devices for adversary-in-the-middle attacks
www.welivesecurity.com
November 19, 2025 at 11:44 AM
MI5 said that the Chinese Ministry of State Security (MSS) was using websites like LinkedIn to build relationships with parliamentarians. www.cnn.com/2025/11/18/u... @cnn.com
Chinese spies using LinkedIn to target British lawmakers, MI5 warns | CNN
Britain’s domestic spy service, MI5, warned lawmakers on Tuesday that China’s intelligence services are posing as recruiters to target people who work in Parliament, just weeks after the collapse of a...
www.cnn.com
November 19, 2025 at 11:43 AM
Frontline Intelligence: Analysis of UNC1549 TTPs, Custom Tools, and Malware Targeting the Aerospace and Defense Ecosystem
November 17, 2025, Mandiant | Google
cloud.google.com/blog/topics/...
Tactics, techniques and procedures we discovered during incident response investigations into UNC1549 activity.
cloud.google.com
November 17, 2025 at 5:50 PM
No further updates to the 780th Military Intelligence Brigade (Cyber) social media accounts until after the government furlough.
October 1, 2025 at 10:22 AM
Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite
September 30, 2025, Unit 42 | Palo Alto
unit42.paloaltonetworks.com/phantom-taur...
Phantom Taurus is a previously undocumented Chinese threat group. Explore how this group's distinctive toolset led to uncovering their existence.
unit42.paloaltonetworks.com
September 30, 2025 at 11:50 AM
American and European officials say China’s Ministry of State Security, the civilian spy agency often called the M.S.S., in particular, has emerged as the driving force behind China’s most sophisticated cyber operations. www.nytimes.com/2025/09/28/w... @nytimes.com
How China’s Secretive Spy Agency Became a Cyber Powerhouse
www.nytimes.com
September 29, 2025 at 11:49 AM
How Russia is Helping China Prepare to Seize Taiwan | The Royal United Services Institute @rusi.bsky.social www.rusi.org/explore-our-...
Russia has agreed to equip and train the PLA to air-drop armoured vehicles and special reconnaissance capabilities.
www.rusi.org
September 29, 2025 at 11:23 AM
The BYTE Vol.13 Issue 4
Lethality: Training and Readiness – Soldiers / NCOs Responsibilities to Training
d34w7g4gy10iej.cloudfront.net/pubs/pdf_753...
#ArmyCyber @armycybercommand.bsky.social
September 26, 2025 at 2:04 PM
Inside Salt Typhoon: China’s State-Corporate Advanced Persistent Threat | Salt Typhoon is a Chinese state-sponsored cyber threat group aligned with the Ministry of State Security (MSS), specializing in long-term espionage operations | dti.domaintools.com/inside-salt-... @domaintools.bsky.social
Salt Typhoon is a Chinese state-sponsored cyber threat group aligned with the Ministry of State Security (MSS), specializing in long-term espionage operations targeting global telecommunications infra...
dti.domaintools.com
September 25, 2025 at 11:58 AM
Zscaler: COLDRIVER Updates Arsenal with BAITSWITCH and SIMPLEFIX | ThreatLabz attributes this campaign with moderate confidence to the Russia-linked APT group, COLDRIVER. www.zscaler.com/blogs/securi... @zscalerinc.bsky.social
COLDRIVER Adds BAITSWITCH and SIMPLEFIX | ThreatLabz
The Russia-linked group COLDRIVER targeted dissidents and their supporters using a ClickFix technique, resulting in the deployment of BAITSWITCH and SIMPLEFIX.
www.zscaler.com
September 25, 2025 at 11:55 AM