Skip to main content

Tag: nation state actors

81 articles

Dimly lit, cluttered table with scattered computers and laptops in a cramped underground setting.

Dark Web Exposes Early Warning Signs of Supply-Chain Attacks

Attackers are quietly buying and selling access to trusted integrations, developer accounts, and unattended credentials on the dark web, revealing early warning signs of supply-chain attacks. Monitoring underground forums for these subtle signals can help flag potential risks long before a breach makes headlines.

Analyst 207
A cluttered workspace with a smartphone, papers, and scribbled notes, set against a blurred cityscape or office background.

Google Sues Alleged Chinese Phishers Over AI-Powered Fraud Ops

Google is taking a stand against scammers, suing a Telegram-based group called "Outsider Enterprise" for allegedly sending millions of AI-powered scam texts and impersonating trusted brands. The lawsuit aims to put a stop to their large-scale fraud operations.

Analyst 207
University building with modern architecture, slightly ajar door hinting at vulnerability.

ShinyHunters Exploits Oracle PeopleSoft Zero-Day to Breach 100 Orgs

ShinyHunters, a notorious data theft group, claims to have exploited a critical Oracle PeopleSoft zero-day vulnerability, CVE-2026-35273, to breach over 100 organizations, including the University of Nottingham. The group allegedly stole sensitive data, posting some of it on their leak site.

Analyst 207
Rows of computer servers and equipment in a brightly-lit, modern technology facility.

Gentlemen Ransomware Spreads Globally, Targets 478 Victims

Meet The Gentlemen, a notorious ransomware group with a sprawling affiliate program that's left 478 victims in its wake, exploiting modern vulnerabilities with alarming speed and flexibility. Led by a single Russian-language operator, LARVA-368, this cybercrime powerhouse has been wreaking havoc since March 2025.

Analyst 207
Dimly lit server room with rows of computer servers, one device highlighted in brighter light.

Ransomware Gang 'The Gentlemen' Traced to Suspected Russian Operator

Meet The Gentlemen, a notorious ransomware gang that's rapidly growing in power thanks to its unusually generous 90/10 affiliate revenue split, outshining the industry standard 80/20 and attracting top talent from rival groups. This bold move has catapulted them to become the second most active ransomware group, with over 332 reported victims since mid-2025.

Analyst 207
Technicians monitor sections of an industrial control room with scattered stations and a large window showing an industrial…

Operational Technology Cybersecurity Gaps Persist Despite Growing Maturity

Many industrial organizations are bolstering their operational technology security, but a significant gap remains: 23% of respondents only have visibility into half of their OT environment. This blind spot leaves them vulnerable to ransomware, nation-state actors, and other cyber threats.

Analyst 207
Qilin Ransomware Breach Tally Grows with Essex Trust Confirmation

Qilin Ransomware Breach Tally Grows with Essex Trust Confirmation

Two years after a devastating ransomware attack, the NHS breach count continues to grow, with an Essex trust now confirming that sensitive patient records were stolen by the notorious Qilin gang. The incident serves as a stark reminder that the impact of this cyberattack is still being felt, with hospitals working tirelessly to identify and warn affected patients.

Analyst 207
Security researcher at laptop workstation with blurred screen, conveying tension.

Microsoft Revives Vulnerability Disclosure Debate with Researcher Crackdown

Microsoft is stirring up controversy in the vulnerability disclosure debate, clashing with a security researcher over the responsible handling of zero-day vulnerabilities. The tech giant's strong response, including threats of legal action, has sparked heated discussion on coordinated disclosure.

Analyst 207
Long line of anxious fans waiting outside a ticketing booth, some visibly frustrated.

FIFA World Cup Scams Explode Ahead of 2026 Kickoff

As the 2026 FIFA World Cup approaches, scammers are kicking off their own game, with over 4,300 fraudulent domains and countless ticket scams, counterfeit merchandise, and banking malware already in circulation. With ticket requests exceeding 150 million and millions of fans eagerly awaiting kickoff, attackers are cashing in on scarcity and anxiety.

Analyst 207
Helpdesk workers surrounded by cubicles, phones, and fluorescent lighting, with an atmosphere of unease and vulnerability.

Ransomware Gang Pink Exploits Helpdesk Calls to Steal Credentials

Meet Pink, a notorious ransomware gang that's exploiting helpdesk calls to steal sensitive credentials using clever tactics like vishing and IT impersonation. They're using these stolen secrets to exfiltrate valuable data from enterprise cloud storage and productivity systems, leaving victims with a tough choice: pay up or face the consequences.

Analyst 207
European city street with tech hints and blurred laptop in foreground.

Chinese Hackers Deploy Atlas RAT in Europe With Heightened Cyberattacks

Chinese hackers have significantly ramped up cyberattacks in Europe, with a financially motivated group, tracked as TA4922, launching a high volume of unique campaigns targeting countries including Germany, Italy, and the UK. This surge in activity, which began in March, has been marked by unprecedented diversity in tactics and objectives, including fraud, data theft, and network breaches.

Analyst 207
Smartphone with chatbot interface on screen, conveying vulnerability.

Hackers Exploit Instagram AI Chatbot to Hijack User Accounts

Hackers recently tricked Instagram's AI chatbot into handing over account controls, highlighting a critical vulnerability in AI agent authorization - a problem that's proving tougher to crack than authentication. By falsifying user locations and manipulating the chatbot, attackers were able to change account email addresses and passwords.

Analyst 207
Law enforcement officials in a federal courthouse or facility with daylight streaming through tall windows.

FBI Disrupts Online Child Abuse Ring Linked to Violent Extremist Collective

The feds have taken down a predator, arresting a Tennessee man linked to a violent extremist collective for exploiting vulnerable children online. Zachary Sweeney, 30, faces up to 50 years in prison for his heinous crimes, including sexual exploitation and distributing child abuse material.

Analyst 207
Person sitting at laptop with browser window open showing fake ChatGPT outage message.

Threat Actors Exploit ChatGPT Sharing Feature to Deliver Malware

Malicious actors are exploiting ChatGPT's sharing feature to spread malware, using convincing fake outage messages to trick users into downloading malicious desktop applications. They even hijacked Google ads to make their scam look legit.

Analyst 207
Concerned employees surrounded by scattered papers and a laptop at a desk with a blurred cityscape in the background.

Carnival Cruise Data Breach Exposes 6 Million Customers

A recent data breach at Carnival Cruise, affecting 6 million customers, highlights the vulnerability of traditional security controls to social engineering tactics, where a single compromised employee device can lead to devastating consequences. This incident serves as a stark reminder of the human factor in cybersecurity, where threat actors exploit trust and impersonation to gain access to sensitive information.

Analyst 207
Courthouse interior with judge's bench and computer in foreground.

Romanian Hacker Sentenced for Breaching Oregon Govt Network

A Romanian hacker has been sentenced to 56 months in prison for breaking into Oregon's state emergency-management network, stealing sensitive personal data, and selling it to buyers in the US. Catalin Dragomir, 46, pleaded guilty to aggravated identity theft and computer intrusion charges.

Analyst 207
Concerned office worker sits at desk, staring at paper or laptop screen with blurred cityscape in background.

FBI Warns Law Firms of In-Person Extortion Tactics by Silent Ransom Group

The FBI is sounding the alarm for US law firms, warning them of a growing threat from the Silent Ransom Group, which targets the legal industry for its highly sensitive data and uses in-person extortion tactics. This group has been linked to a string of incidents, and the FBI is urging law firms to be vigilant.

Analyst 207
Typical office setting with laptop on desk, surrounded by papers and supplies.

FBI Warns of Kali365 Phishing Kit Targeting Microsoft 365 Users

The FBI is sounding the alarm on Kali365, a phishing kit that makes it easy for attackers to target Microsoft 365 users with AI-generated scams, automated templates, and real-time tracking. This powerful tool is lowering the bar for cybercriminals, allowing less tech-savvy attackers to launch sophisticated phishing campaigns.

Analyst 207
Law enforcement officials in a secure facility render code-signing credentials invalid.

Microsoft Disrupts Cybercrime Service Selling Code-Signing Certificates to Ransomware Gangs

Microsoft has disrupted a notorious cybercrime operation, dubbed Fox Tempest, that sold code-signing certificates to ransomware gangs, allowing them to disguise malware as legitimate Windows software. The operation, which created over 580 fake Microsoft accounts, has been linked to two individuals, John Doe 1 and John Doe 2, who allegedly traded in real, Microsoft-issued code-signing credentials.

Analyst 207
Brightly-lit courthouse conveys sense of institutional action and cyber enforcement.

Microsoft Disrupts Fox Tempest's Ransomware-Enabling Code-Signing Service

Microsoft's Digital Crimes Unit has successfully disrupted a notorious code-signing service used by cybercriminals, including the group behind Fox Tempest, to create fake IDs and gain easy access to systems. This operation has effectively shut down a key tool used by hackers to spread ransomware and malware.

Analyst 207
Windows laptop on cluttered desk in dimly lit home office with open keyboard and touchpad visible.

BitLocker Zero-Day Exposes Windows Drives to Unauthorized Access

A security researcher, Chaotic Eclipse, has dropped a bombshell by releasing proof-of-concept code for two unpatched Windows vulnerabilities, citing frustration with Microsoft's handling of previous bug reports. This move exposes Windows drives to unauthorized access, even with TPM+PIN protection in place.

Analyst 207
Water utility industrial setting with computer systems in background.

UK Water Utility Exposed: Hackers Hid Undetected for 20 Months

In a shocking revelation, hackers secretly lurked on South Staffordshire Water's corporate network for 20 months, evading detection until a performance issue sparked an investigation in July 2022. The stealthy attackers gained unauthorized access via a September 2020 phishing attack, harvesting credentials and even attempting to deploy ransomware before being finally uncovered.

Analyst 207
Students and faculty walk down a brightly-lit school hallway, with a laptop on a desk in the foreground.

ShinyHunters Targets Education Sector with School-by-School Ransom Push

ShinyHunters has launched a targeted ransom attack on the education sector, exploiting a vulnerability in Canvas Learning Management System to steal a staggering 275 million records from nearly 9,000 schools and universities. The timing couldn't be more critical, with exams already underway and academic years wrapping up.

Analyst 207
Cluttered computer workstation in a small office with a blurred laptop screen.

NVIDIA Discloses GeForce NOW Breach Affecting Armenian Users

NVIDIA recently discovered a security breach affecting users of GeForce NOW in Armenia, which was caused by a compromised system operated by a third-party partner, not by NVIDIA's own network. The company is working closely with the partner to resolve the issue and notify affected users.

Analyst 207