Tag: cyber espionage
200 articles

China-Linked Malware Resurfaces in Taiwan with Advanced Backdoors
Meet Daxin, a sneaky kernel-mode rootkit that's been upgraded with advanced backdoors, allowing it to hijack legitimate connections and evade detection by blending into normal network activity. This China-linked malware has a unique trick up its sleeve, monitoring incoming TCP traffic to carry out encrypted communications undetected.

Europe Targets Russia's Turla in Coordinated Cyber Sanctions
The European Union is cracking down on Russia's notorious cyber-espionage group, Turla, with coordinated sanctions aimed at disrupting their years-long campaign of malicious activities. Nine Russian individuals and four entities, including the FSB's Center 16, have been targeted in the punitive measures.

China, India-Aligned Hackers Target Pakistani Law Enforcement in Espionage Campaigns
Cyber attackers have launched a stealthy espionage campaign targeting Pakistani law enforcement agencies, breaching sensitive data like biometric records, criminal files, and personnel info. The compromised assets included servers managing police and citizen data at organizations like Balochistan Police.

Microsoft Exposes GigaWiper Backdoor's Triple Threat
Microsoft has uncovered a highly destructive backdoor, dubbed GigaWiper, which poses a triple threat to Windows systems, allowing attackers to silently spy and destroy machines in three different ways. This multi-purpose threat doesn't just crash systems - it gives attackers the power to choose how and when to render a machine irrecoverable.

Armored Likho Exploits Global Targets with BusySnake Stealer
Meet Armored Likho, a sneaky threat actor who's been wreaking havoc globally, exploiting both private individuals and organizations, including government agencies and electric power sectors in Russia, Brazil, and Kazakhstan. With a blend of financially motivated attacks and targeted cyber espionage, Armored Likho is a force to be reckoned with.

MuddyWater Exploits Ransomware Disguise for Cyber Espionage
The line between ransomware attacks and nation-state espionage is rapidly blurring, as cyber groups like MuddyWater now disguise their operations as financially motivated ransomware attacks to further their strategic objectives. MuddyWater, linked to Iran's Ministry of Intelligence and Security, has been caught posing as the Chaos ransomware group in a deliberate campaign.

AryStinger Malware Infects 4,300 Routers in Global Reconnaissance Network
Meet AryStinger, a sneaky new malware that's hijacked over 4,300 home routers worldwide, transforming them into a covert network for spying and proxying - and the numbers are still climbing. This cunning malware lets hackers scan the internet, tunnel traffic, and run secret commands, all while hiding their digital tracks.

Enterprise Data Uploads to AI Models Surge 93% in a Year
In just one year, enterprise data uploads to AI models have skyrocketed 93%, with a staggering 18,033 terabytes of data - equivalent to 3.6 billion digital photos - being transferred to AI and machine learning applications. This massive surge raises serious concerns about data breaches and cyber espionage.

DragonForce Ransomware Exploits Microsoft Teams to Facilitate Months-Long Breach
Meet Backdoor.Turn, a sneaky new threat that uses Microsoft Teams to hide its tracks and wreak havoc on your network for months on end - and it's surprisingly sophisticated. This Go-based RAT masquerades as legit traffic by exploiting Teams' TURN relay servers.

Chinese Hackers Maintain Decade-Long Spy Operation in Isolated Network
Chinese hackers pulled off a stunning 10-year cyber-espionage heist, infiltrating a supposedly airtight network and gaining unfettered access to every login, command, and secret. The masterminds behind Operation Highland, linked to the Velvet Ant cluster, expertly embedded their digital fingerprints into the network's authentication process.

Russian national charged in Void Blizzard cyber-espionage scheme
A Russian national, Denis Nikolayevich Obrezko, has been charged with helping facilitate a massive cyber-espionage scheme that infiltrated at least 11 US companies, with authorities suspecting many more victims nationwide. Obrezko allegedly played a key role in the Void Blizzard campaign by buying a virtual private server and registering domain names used in the intrusions.

OceanLotus Targets Vietnam Investors with SPECTRALVIPER Backdoor
The notorious 15-year-old APT group, OceanLotus, is now setting its sights on Vietnam's investors with a cunning new backdoor attack called SPECTRALVIPER, showcasing their relentless adaptability and aggressive tactics. This latest move has left experts wondering if it's a temporary shift or a long-term strategy.

French Govt Messaging Service Breached in Account Hijacking Attack
France's digital affairs directorate swiftly sprang into action, blocking a compromised account that was used to hijack a government messaging service, and is now conducting a thorough investigation to assess the damage. The breach was detected by the French Cybersecurity Agency, allowing authorities to shut down the attacker's access and analyze what data was exposed.

Meta Alleges NSO Group Breaches Spyware Injunction
Meta just took a bold stand against NSO Group, the notorious spyware maker, by ramping up legal action after thwarting a sneaky phishing campaign aimed at WhatsApp users. The tech giant successfully blocked NSO-linked attempts to trick people into clicking malicious links, despite a US court injunction already in place.

Handala's Israeli Radar Claim Sparks Skepticism
Can a mysterious Iranian-linked hacker group really take down Israel's radar systems? Handala claims it did on the same day Israel and Iran exchanged missile fire, but experts are raising an eyebrow.

China-Aligned Hackers Target Czech Republic, Taiwan in Cyber Espionage Push
China-aligned hackers have launched a sneaky cyber espionage campaign, dubbed Operation Dragon Weave, targeting officials and citizens in the Czech Republic and Taiwan with a cunning malware that masquerades as a legitimate cloud storage service. The malware ultimately delivers an AdaptixC2 agent, putting sensitive information at risk.

Russia-linked Group Leverages ChatGPT in Cyberattacks on Ukraine
Meet GREYVIBE, a Russia-linked cyber group that's taking its attacks on Ukraine to the next level with the help of AI tools like ChatGPT, targeting the country's military and government. This sinister crew is leveraging cutting-edge tech to supercharge its cyberattacks.

Trump Reveals US, China Discussed Cyberattacks, Espionage
President Donald Trump revealed that he and Chinese President Xi Jinping had a candid conversation about cyberattacks and espionage, with Trump bluntly stating that the US spies on China just as China spies on the US. Trump hinted at a cat-and-mouse game between the two nations, saying the US does things to China that it doesn't know about, while China does things to the US that are probably known.

Ghostwriter Launches Geofenced PDF Phishing Against Ukraine Government
Meet FrostyNeighbor, a Belarus-aligned threat actor that's been wreaking havoc since 2016 with sophisticated cyber espionage and influence operations targeting Ukraine and beyond. This adaptive group has earned a reputation for evolving its tactics, using diverse lures and delivery mechanisms to stay one step ahead.

Iranian Hackers Target Electronics Maker in Global Espionage Push
Iran-linked hackers, known as MuddyWater, infiltrated a major South Korean electronics manufacturer's network for a week in February 2026, as part of a massive global cyber-espionage campaign targeting nine high-profile organizations across multiple sectors and countries.

Iranian Spies Masquerade as Ransomware Gangs in Espionage Ops
A new wave of cyber threats has emerged, where Iranian spies masquerade as ransomware gangs to secretly infiltrate and gather intel from targeted organizations. Behind the scenes, they're hiding a wide-open backdoor, putting defenders and the organizations they protect at risk.

MuddyWater hackers exploit Chaos ransomware as cyber-espionage decoy
MuddyWater hackers have cleverly used Chaos ransomware as a decoy to mask their true intentions - and it's not about making a quick buck. Instead, their tactics suggest a more sinister goal, blurring the lines between state-sponsored espionage and cybercrime.

FBI Disrupts China's Hacker-for-Hire Ecosystem with Key Extradition
The FBI has struck a major blow against China's notorious hacker-for-hire ecosystem, disrupting a vast network of private tech companies and contractors secretly working for the Chinese government. This bold move exposes a brazen operation that prioritized profit by exploiting vulnerable computers and selling sensitive information to the highest bidder.

Novel Chinese Spy Group Infiltrates Critical Networks in Poland, Asia
A recent investigation by TrendAI has uncovered a concerning China-linked espionage campaign, with a novel spy group infiltrating over a dozen critical networks across Poland and Asia, leaving behind a lingering threat that's experts' biggest worry. The threat group, tracked as Shadow-Earth-053, has been actively compromising networks since December 2024.