CVE Database Threat Actors Research API Docs

Visit Strobes.co Sign Up for Strobes

CVE Database Threat Actors Research API Docs

Tools

Visit Strobes.co Sign Up for Strobes

Do you like the insights?

Strobes vulnerability intelligence is a key component of their Exposure Management platform that helps organizations understand, prioritize, and address security vulnerabilities more effectively.

© 2026 Strobes Security. All rights reserved.

Home Threat ActorsGreenSpot

GreenSpot

Also known as: PoisonVine, APT-Q-20

TW

0

Exploited CVEs

Overview

GreenSpot is an APT group believed to operate from Taiwan, active since at least 2007, primarily targeting government, academic, and military entities in China through phishing campaigns. The group frequently targets 163.com, aiming to steal login credentials using deceptive domains, manipulated TLS certificates, and counterfeit interfaces. Their tactics highlight the sophistication of modern credential theft operations, necessitating detection efforts focused on irregular domain registrations and certificate anomalies.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions

Search related CVEs Browse all threat actors

GreenSpot - Threat Actor Profile & Exploited CVEs | Strobes VI | Strobes VI