Skip to main content

Tag: cyber espionage

200 articles

Network equipment and monitoring screens in a dimly lit operations center.

China-Linked Malware Resurfaces in Taiwan with Advanced Backdoors

Meet Daxin, a sneaky kernel-mode rootkit that's been upgraded with advanced backdoors, allowing it to hijack legitimate connections and evade detection by blending into normal network activity. This China-linked malware has a unique trick up its sleeve, monitoring incoming TCP traffic to carry out encrypted communications undetected.

Analyst 207
European officials gather at a podium in a government building to announce cyber sanctions against Russia.

Europe Targets Russia's Turla in Coordinated Cyber Sanctions

The European Union is cracking down on Russia's notorious cyber-espionage group, Turla, with coordinated sanctions aimed at disrupting their years-long campaign of malicious activities. Nine Russian individuals and four entities, including the FSB's Center 16, have been targeted in the punitive measures.

Analyst 207
Brightly-lit server room in a Pakistani law enforcement office with generic computer equipment and network devices.

China, India-Aligned Hackers Target Pakistani Law Enforcement in Espionage Campaigns

Cyber attackers have launched a stealthy espionage campaign targeting Pakistani law enforcement agencies, breaching sensitive data like biometric records, criminal files, and personnel info. The compromised assets included servers managing police and citizen data at organizations like Balochistan Police.

Analyst 207
Cluttered office workstation with laptop and peripherals, dimly lit with blurred screens.

Microsoft Exposes GigaWiper Backdoor's Triple Threat

Microsoft has uncovered a highly destructive backdoor, dubbed GigaWiper, which poses a triple threat to Windows systems, allowing attackers to silently spy and destroy machines in three different ways. This multi-purpose threat doesn't just crash systems - it gives attackers the power to choose how and when to render a machine irrecoverable.

Analyst 207
Dark industrial control room with a lone, open laptop on a metal console.

Armored Likho Exploits Global Targets with BusySnake Stealer

Meet Armored Likho, a sneaky threat actor who's been wreaking havoc globally, exploiting both private individuals and organizations, including government agencies and electric power sectors in Russia, Brazil, and Kazakhstan. With a blend of financially motivated attacks and targeted cyber espionage, Armored Likho is a force to be reckoned with.

Analyst 207
Blurred cityscape with office workstation and blank computer screen.

MuddyWater Exploits Ransomware Disguise for Cyber Espionage

The line between ransomware attacks and nation-state espionage is rapidly blurring, as cyber groups like MuddyWater now disguise their operations as financially motivated ransomware attacks to further their strategic objectives. MuddyWater, linked to Iran's Ministry of Intelligence and Security, has been caught posing as the Chaos ransomware group in a deliberate campaign.

Analyst 207
Home router on cluttered living room table with softly glowing lights.

AryStinger Malware Infects 4,300 Routers in Global Reconnaissance Network

Meet AryStinger, a sneaky new malware that's hijacked over 4,300 home routers worldwide, transforming them into a covert network for spying and proxying - and the numbers are still climbing. This cunning malware lets hackers scan the internet, tunnel traffic, and run secret commands, all while hiding their digital tracks.

Analyst 207
Technicians work in a brightly-lit data center with rows of servers and storage systems surrounded by cables and equipment.

Enterprise Data Uploads to AI Models Surge 93% in a Year

In just one year, enterprise data uploads to AI models have skyrocketed 93%, with a staggering 18,033 terabytes of data - equivalent to 3.6 billion digital photos - being transferred to AI and machine learning applications. This massive surge raises serious concerns about data breaches and cyber espionage.

Analyst 207
Office workers at desks with laptops and phones, Microsoft Teams logo visible in background.

DragonForce Ransomware Exploits Microsoft Teams to Facilitate Months-Long Breach

Meet Backdoor.Turn, a sneaky new threat that uses Microsoft Teams to hide its tracks and wreak havoc on your network for months on end - and it's surprisingly sophisticated. This Go-based RAT masquerades as legit traffic by exploiting Teams' TURN relay servers.

Analyst 207
Dimly lit control room with computer screens and industrial systems hinting at hidden network presence.

Chinese Hackers Maintain Decade-Long Spy Operation in Isolated Network

Chinese hackers pulled off a stunning 10-year cyber-espionage heist, infiltrating a supposedly airtight network and gaining unfettered access to every login, command, and secret. The masterminds behind Operation Highland, linked to the Velvet Ant cluster, expertly embedded their digital fingerprints into the network's authentication process.

Analyst 207
Russian defendant sits in federal courtroom with officer nearby.

Russian national charged in Void Blizzard cyber-espionage scheme

A Russian national, Denis Nikolayevich Obrezko, has been charged with helping facilitate a massive cyber-espionage scheme that infiltrated at least 11 US companies, with authorities suspecting many more victims nationwide. Obrezko allegedly played a key role in the Void Blizzard campaign by buying a virtual private server and registering domain names used in the intrusions.

Analyst 207
Busy office in Vietnam with cityscape view and people working at desks.

OceanLotus Targets Vietnam Investors with SPECTRALVIPER Backdoor

The notorious 15-year-old APT group, OceanLotus, is now setting its sights on Vietnam's investors with a cunning new backdoor attack called SPECTRALVIPER, showcasing their relentless adaptability and aggressive tactics. This latest move has left experts wondering if it's a temporary shift or a long-term strategy.

Analyst 207
Government office workstation with blurred computer screen and muted decor.

French Govt Messaging Service Breached in Account Hijacking Attack

France's digital affairs directorate swiftly sprang into action, blocking a compromised account that was used to hijack a government messaging service, and is now conducting a thorough investigation to assess the damage. The breach was detected by the French Cybersecurity Agency, allowing authorities to shut down the attacker's access and analyze what data was exposed.

Analyst 207
Person holding smartphone with blank screen, surrounded by blurred cityscape and subtle hint of phishing attempt on nearby…

Meta Alleges NSO Group Breaches Spyware Injunction

Meta just took a bold stand against NSO Group, the notorious spyware maker, by ramping up legal action after thwarting a sneaky phishing campaign aimed at WhatsApp users. The tech giant successfully blocked NSO-linked attempts to trick people into clicking malicious links, despite a US court injunction already in place.

Analyst 207
Radar system installed on a raised platform in a desert landscape under a clear blue sky.

Handala's Israeli Radar Claim Sparks Skepticism

Can a mysterious Iranian-linked hacker group really take down Israel's radar systems? Handala claims it did on the same day Israel and Iran exchanged missile fire, but experts are raising an eyebrow.

Analyst 207
Government building with subtle cyber activity hints in bright daylight.

China-Aligned Hackers Target Czech Republic, Taiwan in Cyber Espionage Push

China-aligned hackers have launched a sneaky cyber espionage campaign, dubbed Operation Dragon Weave, targeting officials and citizens in the Czech Republic and Taiwan with a cunning malware that masquerades as a legitimate cloud storage service. The malware ultimately delivers an AdaptixC2 agent, putting sensitive information at risk.

Analyst 207
Dimly lit Ukrainian government office with laptop showing chatbot interface on screen.

Russia-linked Group Leverages ChatGPT in Cyberattacks on Ukraine

Meet GREYVIBE, a Russia-linked cyber group that's taking its attacks on Ukraine to the next level with the help of AI tools like ChatGPT, targeting the country's military and government. This sinister crew is leveraging cutting-edge tech to supercharge its cyberattacks.

Analyst 207
President Donald Trump stands on White House steps with subtle global map background.

Trump Reveals US, China Discussed Cyberattacks, Espionage

President Donald Trump revealed that he and Chinese President Xi Jinping had a candid conversation about cyberattacks and espionage, with Trump bluntly stating that the US spies on China just as China spies on the US. Trump hinted at a cat-and-mouse game between the two nations, saying the US does things to China that it doesn't know about, while China does things to the US that are probably known.

Analyst 207
Government building in Ukraine with a sense of unease, document on desk.

Ghostwriter Launches Geofenced PDF Phishing Against Ukraine Government

Meet FrostyNeighbor, a Belarus-aligned threat actor that's been wreaking havoc since 2016 with sophisticated cyber espionage and influence operations targeting Ukraine and beyond. This adaptive group has earned a reputation for evolving its tactics, using diverse lures and delivery mechanisms to stay one step ahead.

Analyst 207
Interior of an electronics manufacturing facility with technicians at workstations.

Iranian Hackers Target Electronics Maker in Global Espionage Push

Iran-linked hackers, known as MuddyWater, infiltrated a major South Korean electronics manufacturer's network for a week in February 2026, as part of a massive global cyber-espionage campaign targeting nine high-profile organizations across multiple sectors and countries.

Analyst 207
Dimly lit server room with rows of computer servers and networking equipment, a single unoccupied laptop in the foreground.

Iranian Spies Masquerade as Ransomware Gangs in Espionage Ops

A new wave of cyber threats has emerged, where Iranian spies masquerade as ransomware gangs to secretly infiltrate and gather intel from targeted organizations. Behind the scenes, they're hiding a wide-open backdoor, putting defenders and the organizations they protect at risk.

Analyst 207
Modern office interior with subtle hints of cyber activity in the background.

MuddyWater hackers exploit Chaos ransomware as cyber-espionage decoy

MuddyWater hackers have cleverly used Chaos ransomware as a decoy to mask their true intentions - and it's not about making a quick buck. Instead, their tactics suggest a more sinister goal, blurring the lines between state-sponsored espionage and cybercrime.

Analyst 207
Government officials gather in a briefing room with American flags, discussing law enforcement and cybersecurity.

FBI Disrupts China's Hacker-for-Hire Ecosystem with Key Extradition

The FBI has struck a major blow against China's notorious hacker-for-hire ecosystem, disrupting a vast network of private tech companies and contractors secretly working for the Chinese government. This bold move exposes a brazen operation that prioritized profit by exploiting vulnerable computers and selling sensitive information to the highest bidder.

Analyst 207
Rows of equipment and monitors line the walls of a network operations center, with technicians working in the background.

Novel Chinese Spy Group Infiltrates Critical Networks in Poland, Asia

A recent investigation by TrendAI has uncovered a concerning China-linked espionage campaign, with a novel spy group infiltrating over a dozen critical networks across Poland and Asia, leaving behind a lingering threat that's experts' biggest worry. The threat group, tracked as Shadow-Earth-053, has been actively compromising networks since December 2024.

Analyst 207