Purpose and Scope. this report summarizes major APT group activity in February 2026. the analysis covers supply chain compromises, zero-day exploits, network segregation bypass, and backup and network infrastructure compromises. the major groups included in the report are APT28, Lotus Blossom, TA-RedAnt (APT37), UAT-8616, UNC3886, and UNC6201. Major APT groups by region. Lotus Blossom exploited […]

  Key APT Groups   Sandworm attempted to destroy OT and IT equipment using DynoWiper after exploiting a vulnerable configuration of FortiGate, targeting at least 30 energy facilities, including wind and solar power plants in Poland, by the end of December 2025. They directly damaged RTUs, IEDs, and serial devices or manipulated settings to cause […]

  Key APT Group Trends by Region   1) North Korea   North Korean state‑sponsored threat groups have increasingly relied on fake IT employment schemes, actively exploiting legitimate hiring platforms and fabricated identities to infiltrate corporate environments. These actors frequently take advantage of remote‑work infrastructures to obtain elevated access and conduct long‑term social engineering operations […]