{"id":36248,"date":"2026-05-28T08:47:04","date_gmt":"2026-05-28T08:47:04","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=36248"},"modified":"2026-05-28T08:47:09","modified_gmt":"2026-05-28T08:47:09","slug":"nsfocus-monthly-apt-insights-march-2026","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/nsfocus-monthly-apt-insights-march-2026\/","title":{"rendered":"NSFOCUS Monthly APT Insights \u2013 March 2026"},"content":{"rendered":"\n

Regional APT Threat Situation<\/h2>\n\n\n\n

In March 2026, the global threat hunting system of Fuying Lab detected a total of 31 APT attack activities. These activities were primarily concentrated in regions including South Asia, Eastern Europe, and the Middle East, as shown in the figure below.<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

Regarding the activity levels of different groups, the most active APT group this month was TransparentTribe, operating out of South Asia, and APT28, based in Eastern Europe. Other notably active groups included MuddyWater from the Middle East and SideWinder from South Asia.<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

The most prevalent intrusion method in this month’s incidents was spear-phishing email attacks, accounting for 87% of all attack events. A small number of threat actors also utilized vulnerability exploitations (10%) and watering hole attacks for infiltration (3%).<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

In March 2026, the primary target industries for APT groups were military institutions, accounting for 33%, followed by government agencies, accounting for 30%. Other attack targets included organizations and individuals, research institutions and financial institutions.<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

South Asia<\/strong><\/p>\n\n\n\n

This month, APT activity in South Asia was primarily driven by known APT groups. Victims included Indian military institutions and government agencies, Pakistani government agencies and military institutions, Sri Lankan military institutions and government agencies, and Afghan military institutions. In terms of attack tactics, spear-phishing emails constituted the primary method employed in South Asian APT operations this month. A typical decoy targeted Indian defense-related military entities: the attacking group utilized its customary spear-phishing approach, delivering a PowerPoint file as the payload.<\/p>\n\n\n\n

Subscribe<\/a> NSFOCUS Threat Intelligence for full details of APT incident insights.<\/p>\n\n\n\n

Eastern Europe<\/strong><\/p>\n\n\n\n

This month, APT activities in Eastern Europe were primarily conducted by known APT groups. Victims included Ukrainian government agencies, Ukrainian military institutions, Ukrainian organizations or individuals, and Romanian government agencies. In terms of attack tactics, spear-phishing emails remained the predominant method employed in Eastern European APT operations this month, complemented by some incidents where threat actors exploited vulnerabilities to gain initial access. Regarding spear-phishing campaigns, a typical decoy involved a forged government document purportedly issued by the Romanian Border Police.<\/p>\n\n\n\n

Subscribe<\/a> NSFOCUS Threat Intelligence for full details of APT incident insights.<\/p>\n\n\n\n

Middle East<\/p>\n\n\n\n

This month, APT activities in the Middle East were primarily carried out by known APT groups. Victims included Israeli government agencies, Israeli organizations or individuals, Iraqi government departments, U.S. infrastructure entities, as well as various organizations and individuals across the Middle East. In terms of attack tactics, spear-phishing via email remained the predominant method employed in Middle Eastern APT operations this month. Regarding spear-phishing campaigns, a notable example involved phishing SMS messages targeted at the Israeli public.<\/p>\n\n\n\n

Subscribe<\/a> NSFOCUS Threat Intelligence for full details of APT incident insights.<\/p>\n\n\n\n

East Asia<\/strong><\/p>\n\n\n\n

This month, APT activities in East Asia were primarily conducted by known APT groups, with victims predominantly located in South Korea. Affected entities included South Korean research institutions, the financial sector, as well as various organizations and individuals. In terms of attack tactics, the majority of APT operations in East Asia this month relied on spear-phishing emails, while a minority utilized waterhole attacks. Regarding spear-phishing campaigns, a typical decoy involved a forged government announcement purportedly issued by the Republic of Korea Army.<\/p>\n\n\n\n

Subscribe<\/a> NSFOCUS Threat Intelligence for full details of APT incident insights.<\/p>\n\n\n\n

Global Key APT Events<\/h2>\n\n\n\n
Event Name<\/strong><\/th>Related Groups<\/strong><\/th><\/tr><\/thead>
The APT group UNC1069 orchestrated the Axios supply chain poisoning campaign<\/td>UNC1069<\/td><\/tr>
A vulnerability in F5 BIG-IP products, CVE-2025-53521, has been escalated to a Remote Code Execution (RCE) severity and is currently being exploited in the wild<\/td>Unconfirmed<\/td><\/tr>
The Threat Actor Leverages OpenClaw-Related GitHub Repositories to Distribute Malware<\/td>TroyDen<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

Subscribe<\/a> NSFOCUS Threat Intelligence for full details of APT incident insights.<\/p>\n\n\n\n

Interpretation of Key APT Events<\/h2>\n\n\n\n

The APT group UNC1069 orchestrated the Axios supply chain poisoning campaign<\/strong><\/p>\n\n\n\n

Earlier this year, the North Korean APT group UNC1069 compromised the account of Jason Saayman, a key administrator of the popular JavaScript project Axios. The group leveraged this access to publish malicious versions of the Axios package, executing a supply chain poisoning attack.<\/p>\n\n\n\n

UNC1069 initially gained control of Saayman’s npm account through unspecified social engineering tactics. This compromise granted them the authority to push new versions of the Axios project via the npm JavaScript package manager, establishing the foundation for their supply chain assault.<\/p>\n\n\n\n

UNC1069 is considered a subordinate entity of the North Korean APT group Lazarus. Security researchers have widely attributed the Axios supply chain incident to this group, as the macOS-based RAT malware deployed in the attack bears a striking resemblance to the WAVESHAPER backdoor previously associated with them. As the APT group with the highest attack frequency and the broadest impact, Lazarus has evolved into a massive criminal conglomerate comprising multiple sub-groups.<\/p>\n\n\n\n

The timeline of known Lazarus supply chain operations is provided in the table below:<\/p>\n\n\n\n

Date<\/strong><\/th>Victim \/ Target<\/strong><\/th>Incident Overview<\/strong><\/th><\/tr><\/thead>
2021<\/strong><\/strong><\/td>Several South Korean Software Companies<\/td>Lazarus leveraged the supply chain of domestic South Korean security software to conduct infiltration. The attackers tampered with the update mechanisms of trusted software, implanting malicious code to target government agencies and financial institutions.<\/td><\/tr>
2022<\/strong><\/strong><\/td>Trading Technologies<\/td>Lazarus compromised X_TRADER, a financial trading software from this company that had ceased maintenance but remained in use. This incident served as the root cause of the subsequent widespread 3CX infection.<\/td><\/tr>
\u2026\u2026<\/strong><\/strong><\/td>\u2026\u2026<\/td>\u2026\u2026<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

Subscribe<\/a> NSFOCUS Threat Intelligence for full details of APT incident insights.<\/p>\n\n\n\n

A vulnerability in F5 BIG-IP products, CVE-2025-53521, has been escalated to a Remote Code Execution (RCE) severity and is currently being exploited in the wild<\/strong><\/p>\n\n\n\n

In a March announcement, networking equipment vendor F5 stated that the vulnerability type of a known flaw in its BIG-IP products, CVE-2025-53521, has been reclassified. Originally identified as a Denial of Service (DoS) vulnerability, it has been upgraded to a Remote Code Execution (RCE) vulnerability. Consequently, its severity score has increased from 7.5 (CVSS v3.1) \/ 8.7 (CVSS v4.0) to 9.8 (CVSS v3.1) \/ 9.3 (CVSS v4.0). Furthermore, active exploitation of this vulnerability in the wild has been confirmed.<\/p>\n\n\n\n

CVE-2025-53521 was initially disclosed in F5’s quarterly security bulletin on October 15, 2025. At that time, it was characterized as a DoS vulnerability affecting the F5 BIG-IP Access Policy Manager (APM) system. It was believed that attackers could craft specific malicious network traffic to cause the Traffic Management Microkernel (TMM) to crash, leading to device reboots or service interruptions. The understanding of this vulnerability evolved following the F5 source code leak in October 2025.<\/p>\n\n\n\n

A national-level APT group infiltrated F5 Networks’ internal systems prior to August 9, 2025, stealing the majority of the BIG-IP source code along with information on undisclosed vulnerabilities. F5 publicly disclosed this breach and several of the previously unknown vulnerabilities, including CVE-2025-53521, in its quarterly security bulletin on October 15, 2025. Since the October disclosure, new intelligence regarding the F5 source code leak has emerged.<\/p>\n\n\n\n

Subscribe<\/a> NSFOCUS Threat Intelligence for full details of APT incident insights.<\/p>\n\n\n\n

The threat actor leverages OpenClaw-related GitHub repositories to distribute malware<\/strong><\/p>\n\n\n\n

An unconfirmed threat actor (temporarily designated as TroyDen) launched a campaign in early 2026 exploiting the popularity of “OpenClaw.”<\/p>\n\n\n\n

The group utilized AI tools to generate a large volume of GitHub repositories encompassing popular open-source projects, game cheats, and development tools. Malicious Lua scripts were injected into these projects to deliver malware. To enhance credibility, the group employed Search Engine Optimization (SEO) techniques to boost the search ranking of these repositories and used fake accounts to artificially inflate their Star and Fork counts. A typical example is the AAAbiola\/openclaw-docker project created by TroyDen.<\/p>\n\n\n\n

In our February 2026 monthly report, we discussed security concerns surrounding emerging AI Agent tools, outlining eight potential exploitation scenarios: credential leakage, access control flaws, malicious skill injection, data exfiltration, task chain pollution, network exposure, lack of auditing, and sandbox evasion. However, the recent TroyDen incident has outpaced all theoretical predictions: the immense popularity of OpenClaw itself has become an exploitable vector. Attackers can conceal their payloads within OpenClaw deployment tools.<\/p>\n\n\n\n

Subscribe<\/a> NSFOCUS Threat Intelligence for full details of APT incident insights.<\/p>\n","protected":false},"excerpt":{"rendered":"

Regional APT Threat Situation In March 2026, the global threat hunting system of Fuying Lab detected a total of 31 APT attack activities. These activities were primarily concentrated in regions including South Asia, Eastern Europe, and the Middle East, as shown in the figure below. Regarding the activity levels of different groups, the most active […]<\/p>\n","protected":false},"author":1,"featured_media":34391,"comment_status":"open","ping_status":"open","sticky":false,"template":"post-templates\/single-layout-8.php","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[3],"tags":[93,1024,987,693],"class_list":["post-36248","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-apt","tag-apt-group-2","tag-nti","tag-threat-intelligence"],"acf":[],"yoast_head":"\nNSFOCUS Monthly APT Insights \u2013 March 2026 - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NSFOCUS Monthly APT Insights \u2013 March 2026 - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Regional APT Threat Situation In March 2026, the global threat hunting system of Fuying Lab detected a total of 31 APT attack activities. These activities were primarily concentrated in regions including South Asia, Eastern Europe, and the Middle East, as shown in the figure below. Regarding the activity levels of different groups, the most active […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-28T08:47:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-28T08:47:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2025\/11\/maiores-ataques-hackers.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"328\" \/>\n\t<meta property=\"og:image:height\" content=\"225\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"NSFOCUS\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"NSFOCUS\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/\"},\"author\":{\"name\":\"NSFOCUS\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\"},\"headline\":\"NSFOCUS Monthly APT Insights \u2013 March 2026\",\"datePublished\":\"2026-05-28T08:47:04+00:00\",\"dateModified\":\"2026-05-28T08:47:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/\"},\"wordCount\":1305,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/maiores-ataques-hackers.jpg\",\"keywords\":[\"APT\",\"APT Group\",\"NTI\",\"threat intelligence\"],\"articleSection\":[\"Blog\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/\",\"name\":\"NSFOCUS Monthly APT Insights \u2013 March 2026 - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/maiores-ataques-hackers.jpg\",\"datePublished\":\"2026-05-28T08:47:04+00:00\",\"dateModified\":\"2026-05-28T08:47:09+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/maiores-ataques-hackers.jpg\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/maiores-ataques-hackers.jpg\",\"width\":328,\"height\":225,\"caption\":\"Imagem que ilustra um hacker.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/nsfocus-monthly-apt-insights-march-2026\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NSFOCUS Monthly APT Insights \u2013 March 2026\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\",\"name\":\"NSFOCUS\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"caption\":\"NSFOCUS\"},\"sameAs\":[\"https:\\\/\\\/nsfocusglobal.com\"],\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NSFOCUS Monthly APT Insights \u2013 March 2026 - NSFOCUS","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/","og_locale":"pt_BR","og_type":"article","og_title":"NSFOCUS Monthly APT Insights \u2013 March 2026 - NSFOCUS","og_description":"Regional APT Threat Situation In March 2026, the global threat hunting system of Fuying Lab detected a total of 31 APT attack activities. These activities were primarily concentrated in regions including South Asia, Eastern Europe, and the Middle East, as shown in the figure below. Regarding the activity levels of different groups, the most active […]","og_url":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/","og_site_name":"NSFOCUS","article_published_time":"2026-05-28T08:47:04+00:00","article_modified_time":"2026-05-28T08:47:09+00:00","og_image":[{"width":328,"height":225,"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2025\/11\/maiores-ataques-hackers.jpg","type":"image\/jpeg"}],"author":"NSFOCUS","twitter_card":"summary_large_image","twitter_misc":{"Escrito por":"NSFOCUS","Est. tempo de leitura":"7 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/"},"author":{"name":"NSFOCUS","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"NSFOCUS Monthly APT Insights \u2013 March 2026","datePublished":"2026-05-28T08:47:04+00:00","dateModified":"2026-05-28T08:47:09+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/"},"wordCount":1305,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2025\/11\/maiores-ataques-hackers.jpg","keywords":["APT","APT Group","NTI","threat intelligence"],"articleSection":["Blog"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/","url":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/","name":"NSFOCUS Monthly APT Insights \u2013 March 2026 - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2025\/11\/maiores-ataques-hackers.jpg","datePublished":"2026-05-28T08:47:04+00:00","dateModified":"2026-05-28T08:47:09+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2025\/11\/maiores-ataques-hackers.jpg","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2025\/11\/maiores-ataques-hackers.jpg","width":328,"height":225,"caption":"Imagem que ilustra um hacker."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/nsfocus-monthly-apt-insights-march-2026\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"NSFOCUS Monthly APT Insights \u2013 March 2026"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/#website","url":"https:\/\/nsfocusglobal.com\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"NSFOCUS","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"NSFOCUS"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/36248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=36248"}],"version-history":[{"count":1,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/36248\/revisions"}],"predecessor-version":[{"id":36254,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/36248\/revisions\/36254"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/34391"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=36248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=36248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=36248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}