LockBit Team Archivi

New attacks in Italy, novel APT operations, reported data breaches

Italy: multiple malicious activities observed A phishing campaign has been detected in Italy leveraging the name of the Agenzia delle Entrate–Riscossione with the aim of stealing login credentials belonging to...

Latest from Italy, updates in the state-sponsored landscape, ransomware and leaks

10 Apr

Italy: several malicious activities observed In the past week, several offensives have targeted Italian entities. Specifically, Microsoft reported an advanced phishing campaign exploiting the legitimate “device code flow” authentication mechanism...

War in Iran and cyber operations, offensive activity in Italy, iOS threats, and phishing campaigns

30 Mar

Iran: cyber offensives linked to the conflict In the context of the escalation between the United States, Israel, and Iran, the cyber domain continues to represent a relevant operational space,...

Cyber operations in the Iranian conflict, attacks in Italy, developments in the APT landscape

16 Mar

Iran: cyberattacks in the context of the conflict Within the context of the escalation between the United States, Israel, and Iran, the cyber domain continues to represent a significant operational...

Iranian conflict and cyber warfare, attacks in Italy, LeakBase and Tycoon 2FA disrupted

09 Mar

Iran: cyber offensives linked to the conflict The conflict between the United States, Israel, and Iran has unfolded alongside extensive cyber operations, with reports of widespread internet disruptions, hacking of...

Ransomware and phishing in Italy, new Asia-based state-sponsored activity, Cisco and Fortinet 0-days

26 Jan

Italy: new cybercrime attacks New operations linked to a phishing campaign themed around the renewal of the health insurance card have been identified in Italy, initially reported on January 8, 2026. The theme has proven...

New attacks in Italy, data breaches reported, offensives from China

05 Jan

Italy: new phishing and ransomware offensives Over the past two weeks, multiple phishing campaigns have targeted Italian users. One operation abused the name and logo of Fineco Bank. In particular, a fraudulent email with the subject “Confirmation of...

Updates on React2Shell exploitation, the latest from Beijing and Tehran, new attacks in Italy

12 Dec

React2Shell: EtherRAT and other malware delivered in state-sponsored and cybercrime activity During a recent attack based on the exploitation of the critical vulnerability CVE-2025-55182 (known as React2Shell), security researchers identified...