---
title: Threat Intelligence Center - Capstone Technologies Group
description: Examine how trade priorities may compromise US cybersecurity defenses against state-sponsored threats like Salt Typhoon and MSS targeting critical…
canonical_url: https://captechgroup.com/threat-intelligence-center?start=287
language: en-GB
date: 2025-08-13T00:46:48Z
---

[![Illustration of Stuxnet](https://images.captechgroup.com/cdn-cgi/image/width=515,format=webp,quality=85/threat-intel/8d8fa89316.jpg)](https://captechgroup.com/threat-intelligence-center/are-trade-concerns-trumping-us-cybersecurity-criti-5885fd "Are Trade Concerns Trumping US Cybersecurity? Critical Infrastructure at Risk") The tension between economic trade policy and national cybersecurity has reached a critical inflection point.

[![Illustration of New Tech Deployments That Cyber Insurers Recommend for 2026](https://images.captechgroup.com/cdn-cgi/image/width=515,format=webp,quality=85/threat-intel/0bfe1f51ba.jpg)](https://captechgroup.com/threat-intelligence-center/new-tech-deployments-that-cyber-insurers-recommend-f66774 "New Tech Deployments That Cyber Insurers Recommend for 2026") Cyber insurance carriers have a direct financial interest in understanding which security technologies actually reduce breach risk. Their 2026 recommendations reflect emerging threats, regulatory shifts, and proven defense strategies.

[![Illustration of Cisco threat](https://images.captechgroup.com/cdn-cgi/image/width=515,format=webp,quality=85/threat-intel/39c711f2ab.jpg)](https://captechgroup.com/threat-intelligence-center/cisco-vpns-email-services-hit-in-separate-threat-c-ebf804 "Cisco VPNs, Email Services Hit in Separate Threat Campaigns") Multiple threat campaigns are actively targeting Cisco VPN and email services through exploitation of CVE-2025-20393. Threat actors including APT41, UAT-9686, and UNC5174 are deploying custom toolsets such as AquaShell, AquaTunnel, and ReverseSSH to establish persistent access and maintain command and control.

[![Illustration of GlassWorm](https://images.captechgroup.com/cdn-cgi/image/width=515,format=webp,quality=85/threat-intel/d50ad4371b.jpg)](https://captechgroup.com/threat-intelligence-center/new-glassworm-malware-wave-targets-macs-with-troja-6435b3 "New GlassWorm Malware Wave Targets Macs with Trojanized Crypto Wallets") Security researchers have identified GlassWorm, a sophisticated malware campaign targeting macOS systems through trojanized cryptocurrency wallet applications including Ledger Live and Trezor Suite. The attack leverages compromised browser extensions and supply chain tactics to establish persistence through VNC, SOCKS proxies, and AppleScript execution.

[![Illustration of 86% Surge in Fake Delivery Websites Hits Shoppers During Holiday Rush](https://images.captechgroup.com/cdn-cgi/image/width=515,format=webp,quality=85/threat-intel/0b78e09311.jpg)](https://captechgroup.com/threat-intelligence-center/86-surge-in-fake-delivery-websites-hits-shoppers-d-1bec29 "86% Surge in Fake Delivery Websites Hits Shoppers During Holiday Rush") Holiday shopping brings increased vulnerability to sophisticated phishing attacks targeting e-commerce and logistics sectors. Security researchers have documented an 86% surge in fraudulent delivery websites designed to intercept customer data and payment information. These fake courier sites exploit the holiday rush when shoppers are distracted and delivery volumes peak.

[![Illustration of Nomani](https://images.captechgroup.com/cdn-cgi/image/width=515,format=webp,quality=85/threat-intel/acc141ff90.jpg)](https://captechgroup.com/threat-intelligence-center/nomani-investment-scam-surges-62-using-ai-deepfake-4cabb0-1767224859 "Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media") Cybersecurity researchers are tracking a significant uptick in investment fraud campaigns leveraging artificial intelligence-generated deepfake advertisements. The Nomani investment scam has experienced a 62% surge in reported incidents, primarily distributed through social media platforms.

[![Illustration of Cellik](https://images.captechgroup.com/cdn-cgi/image/width=515,format=webp,quality=85/threat-intel/3002bd43ec.jpg)](https://captechgroup.com/threat-intelligence-center/cellik-android-rat-leverages-google-play-store-in-1767223601-1767223603 "Cellik Android RAT Leverages Google Play Store in LongNosedGoblin Campaign") Cellik, a sophisticated Android remote access trojan, has been identified in a campaign attributed to the LongNosedGoblin threat actor group. The malware's distribution through the official Google Play Store represents a significant supply chain risk, as it leverages platform trust to reach a broad user base.
