Tag: nation state
681 articles

US, Iran Escalate Strikes on Infrastructure Targets
Tensions are running high as the US and Iran exchange blows, with President Trump vowing to hit hard and expand targets to power plants and bridges, sparking a week of escalating strikes and counterattacks on infrastructure across the region. The Pentagon is ramping up its military presence, shifting aviation and tanker assets into position to support the growing conflict.

GoldenEyeDog Exploits DigiCert Breach for Code-Signing Certificates
In a chilling example of malware mastery, the GoldenEyeDog group exploited a DigiCert breach to snag code-signing certificates, which they then used to cloak their malicious software in a veneer of legitimacy. This brazen heist highlights the group's cunning and capabilities, which have been under scrutiny since at least 2015.

UK Sentences Scattered Spider Members to 66 Months for Cyberattacks
In a major cybercrime crackdown, two young men have been sentenced to 66 months in jail for their role in a 2024 cyberattack that crippled Transport for London's network operations. Thalha Jubair and Owen Flowers were arrested and pleaded guilty, marking a significant win for the UK's National Crime Agency after nearly two years of investigation.

Trump Escalates Claims of Election Compromise Despite Debunked Evidence
The White House touted a prime-time speech as proof of foreign interference and widespread voter irregularities, but it fell flat, with critics calling it a dud. Despite claims of a bombshell, the declassified documents so far have failed to validate allegations of election compromise.

China Builds Massive Supply Ship for Carrier Groups
China is building a massive supply ship that has caught the world's attention, particularly in the US, as it signals a new era of maritime power. This hulking vessel, rising from the shipyard on Longxue Island, is set to support China's carrier groups and challenge traditional naval dominance.

Southeast Asia Accelerates Military Modernization Amid Geopolitical Tensions
Southeast Asia is rapidly upgrading its military arsenal, with Indonesia leading the charge with major deals, including the purchase of 42 Rafale fighter jets from France and talks to acquire South Korea's KF-21 Boramae fighters. The region's defense modernization is gaining momentum and shows no signs of slowing down.

North Korean Hackers Exploit Coding Tests with Steganography-Laced Malware
North Korean hackers are targeting software developers with a sneaky malware attack, hiding steganography-laced payloads in coding tests to steal sensitive data and cryptocurrency. This latest campaign, tracked as REF9403, is just another example of the DPRK's relentless pursuit of valuable information.

US Misidentifies Russian Hacker in Extradition Bid
A Russian man named Aleksandr Ermakov has been wrongly detained in an Armenian jail on a US extradition request, with his lawyers claiming he is not the REvil ransomware suspect the US is actually after. His family and lawyers are now racing against time to clear his name and prevent his deportation to the US.

GoSerpent Malware Targets Southeast Asian Governments for Espionage
A stealthy cyber threat, known as GoSerpent, has been secretly targeting Southeast Asian governments and diplomats since late 2025, with the goal of gathering sensitive intelligence. This sophisticated malware has been evolving, with a new set of malicious tools deployed as recently as May 2026.

CISA Orders Emergency Patch for Exploited Fortinet Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to patch or mitigate two critical Fortinet vulnerabilities within a tight three-day window, underscoring the severity of these flaws. This urgent action follows the discovery of a critical OS command injection vulnerability in FortiSandbox, allowing attackers to execute unauthorized code or commands.

US Indicts Russians for Running Bulletproof Hosting Services
The FBI has struck a major blow against cybercrime by indicting three Russian nationals and two companies for operating bulletproof hosting services that enabled devastating attacks on US critical infrastructure. This significant move disrupts the backbone of cybercriminal operations, dealing a crucial win for online safety.

South Korea Develops Sovereign AI Model for Bug Detection
South Korea is racing to develop its own AI model for bug detection by 2026, driven by concerns that relying on foreign models could leave the country vulnerable at critical moments. The homegrown AI model aims to rival leading security-focused models, ensuring the nation has control over its bug-finding capabilities.

ViPNet Update System Exploited in HelloNet APT Campaign
Kaspersky uncovered a sneaky APT campaign, HelloNet, that exploited the ViPNet Update System to spread malware, starting as far back as May 2026. The attackers cleverly used a malicious library to hijack the ViPNet updater, allowing them to siphon off sensitive info and clean up their tracks.

China Weighs Risks in J-35 Fighter Jet Sale to Pakistan
A potential deal for Pakistan to acquire 40 advanced J-35 fighter jets from China has been rumored since 2024, but remains unconfirmed - if finalized, it could drastically shift the balance of power on the Indian subcontinent. The sale would mark a significant boost for Pakistan's military, but China is reportedly exercising caution to avoid giving Islamabad too great an advantage.

China-Linked Malware Resurfaces in Taiwan with Advanced Backdoors
Meet Daxin, a sneaky kernel-mode rootkit that's been upgraded with advanced backdoors, allowing it to hijack legitimate connections and evade detection by blending into normal network activity. This China-linked malware has a unique trick up its sleeve, monitoring incoming TCP traffic to carry out encrypted communications undetected.

UK Prison Sentences Target Scattered Spider Cyber Duo
In a landmark case, two young cybercriminals, Owen Flowers and Thalha Jubair, have been sentenced to five years and six months in prison for their roles in a massive cybercrime operation that targeted Transport for London. The case marks the largest cybercrime prosecution ever brought before UK courts.

PhantomEnigma Campaign Exploits Hijacked Government Sites
The PhantomEnigma campaign has hijacked over 20 Brazilian government websites, turning them into malware delivery channels in a sophisticated multi-stage operation. This sneaky attack exploited trusted infrastructure to fly under the radar, using legitimate links and email accounts to spread malware.

UK Sentences Scattered Spider Hackers to Prison
Two leading members of the notorious Scattered Spider hacking collective have been sentenced to five years and six months in prison for their roles in a devastating 2024 cyberattack that crippled Transport for London's systems, forcing 27,000 employees to reset their passwords in person. Thalha Jubair, 20, and Owen Flowers, 18, pleaded guilty under the Computer Misuse Act after being arrested at their homes last September.

US Shifts to 'Affordable Mass' Warfare, Targets Iran with Low-Cost Precision Strikes
The US military's high-stakes Operation Epic Fury in 2026 revealed a startling vulnerability: its arsenal of guided munitions was depleted faster than it could be replenished, forcing a strategic shift towards affordable, low-cost precision strikes. This pivot has put Iran in the crosshairs, as the US seeks to maintain its military edge without breaking the bank.

India, Australia Forge PACTS to Bolster Cybersecurity Partnership
Australia and India have joined forces to supercharge their cybersecurity partnership with the launch of PACTS, a game-changing agreement that promises to streamline collaboration and drive real results. This bold new framework replaces previous initiatives, bringing together key dialogues and taskforces under one cohesive umbrella.

Telegram Disrupts Links Tied to Sanctioned VPN Service
Telegram swiftly disabled links connected to a sanctioned VPN service after the US Office of Foreign Assets Control took action, demonstrating its commitment to compliance with international regulations. The move came after Domain.Me, the operator of Telegram's t.me shortlinks, identified and suspended the linked domain for approximately a day.

Russian Hackers Trojanize WebEx, Zoom with Starland Malware
Beware of a sneaky new malware campaign that's been targeting over 40 cryptocurrency wallets and popular apps like WebEx and Zoom since June 2025. A financially motivated Russian threat actor is behind the attacks, using trojanized installers to spread the Starland malware.

US Resumes Strikes on Iranian Targets Amid Escalating Blockade
The US has launched a series of precision strikes on Iranian targets, hitting coastal defense systems and cruise missile sites on Greater Tunb Island in a bid to safeguard commercial shipping in the Strait of Hormuz. The operations, carried out by CENTCOM, aim to degrade Iran's ability to threaten vessels in the critical waterway.

Attackers Exploit Zero-Days in SonicWall Appliances
Cyber attackers are exploiting two zero-day vulnerabilities, CVE-2026-15409 and CVE-2026-15410, in SonicWall appliances, with ransomware attacks seemingly their ultimate goal. Rapid7's team has thwarted attempts at data exfiltration and encryption, but the threat remains.