Tag: nation state
398 articles

Iran-Linked APT Exploits Ransomware Disguise for Espionage
MuddyWater, an Iran-linked APT group, has been caught exploiting a ransomware disguise to secretly infiltrate systems, using interactive tactics to harvest credentials and gain internal access. By masquerading as a Chaos ransomware affiliate, the group aimed to throw off investigators and cover its espionage tracks.

MuddyWater hackers exploit Chaos ransomware as cyber-espionage decoy
MuddyWater hackers have cleverly used Chaos ransomware as a decoy to mask their true intentions - and it's not about making a quick buck. Instead, their tactics suggest a more sinister goal, blurring the lines between state-sponsored espionage and cybercrime.

CloudZ RAT Exploits Windows Phone Link for Credential Theft
Cyber attackers have cleverly exploited the Microsoft Phone Link feature to steal sensitive credentials and one-time passwords, all without needing to infect mobile devices with malware. By targeting this built-in Windows application, hackers can access synced phone data and extract valuable information.

Palo Alto Networks Firewalls Targeted in Zero-Day Exploits
Palo Alto Networks firewalls are under attack by zero-day exploits targeting a vulnerability in the User-ID Authentication Portal, allowing hackers to execute malicious code with root privileges. This buffer overflow flaw, tracked as CVE-2026-0300, poses a significant risk to organizations with Internet-exposed firewalls.

Japan Shifts Defense Export Strategy with Philippines Deal
Japan is taking a significant leap in its defense export strategy with a groundbreaking deal with the Philippines, aiming to fast-track the export of advanced destroyer escorts through bilateral working-level consultations. This move follows the establishment of a joint working group by Japanese Defense Minister Koizumi Shinjiro and Philippine Defense Secretary Gilberto Teodoro to facilitate the transfer of Maritime Self-Defense Force equipment.

Australia, Japan Forge Deterrent Against China's Regional Ambitions
The 2026 National Defence Strategy makes it clear: a strong balance of military power in the Indo-Pacific requires not just the US, but also load-bearing partnerships like the one between Australia and Japan. By teaming up, Australia aims to become more self-reliant and counter China's growing regional ambitions.

DarkSword Malware Targets iOS with Sophisticated Exploit Chain
Meet DarkSword, a sneaky malware that's been targeting iOS devices with a sophisticated exploit chain, leveraging six different vulnerabilities to deploy its final-stage payloads across iOS versions 18.4 through 18.7. Google Threat Intelligence Group has tracked its use back to November 2025, with multiple actors - from commercial vendors to suspected state-sponsored operators - employing it to compromise devices.

Former NASA Chief Jim Bridenstine Steers Quantum Space Toward National Security Orbit
Quantum Space is taking a giant leap forward with Jim Bridenstine at the helm, poised to propel the company into a new era of growth and innovation in national security and space exploration. As the former NASA chief and newly appointed CEO, Bridenstine is set to lead Quantum Space as spending on space defense and exploration accelerates.

Latvian Hacker Sentenced for Role in Former Conti Leaders' Ransomware Extortion Scheme
A Latvian hacker has been sentenced to 8.5 years in federal prison for his role in a massive ransomware extortion scheme that targeted over 54 companies, causing hundreds of millions of dollars in losses. Deniss Zolotarjovs, 35, helped former Conti leaders extort payments from victims over a two-year period.

China-Linked UAT-8302 Exploits Shared Malware to Target Global Governments
Meet UAT-8302, a sophisticated China-linked threat group that's been secretly targeting governments worldwide, deploying custom malware to infiltrate and gather intel. Its recent attacks have hit government entities in South America and southeastern Europe, raising global cybersecurity concerns.

ScarCruft APT Exploits Yanbian Gaming Platform for Intelligence Gathering
Meet ScarCruft, a notorious North Korea-aligned espionage group that's been caught exploiting a popular gaming platform in China to gather intel on its users. The group trojanized a site serving traditional Yanbian-themed games, compromising both Windows and Android software.

Karakurt Ransomware Operative Sentenced for Extortion Role
Meet Deniss Zolotarjovs, a Latvian national who helped his ransomware gang extort dozens of companies - and even a government entity with a crippled 911 system - by leveraging stolen sensitive data, including children's health information. He's now facing 8.5 years in prison for his role in the Karakurt extortion operation.

North Korean Hackers Infiltrate Android Games to Spy on Defectors
Security researchers at ESET stumbled upon a sneaky plot by North Korean hackers, who infiltrated popular Android games to spy on defectors by hiding a backdoor called BirdCall in the apps. The malicious code was cleverly disguised in game files available for download on a regional gaming platform's official website.

ScarCruft hackers deploy BirdCall malware via gaming platform
North Korean hackers APT37, also known as ScarCruft, have cleverly expanded their BirdCall malware to target Android devices, adapting their Windows backdoor to spy on mobile users. They even used a popular gaming platform to sneak the malware onto unsuspecting devices.

Weaver E-cology Flaw Exploited Through Debug API Endpoint
A critical bug in Weaver E-cology, tracked as CVE-2026-22679 with a CVSS score of 9.8, is being actively exploited - allowing hackers to take full control of your system. This severe vulnerability lets attackers execute commands without needing login credentials, putting your entire system at risk.

India Bolsters Nuclear Deterrent with Third SSBN Submarine
Meet INS Aridhaman, India's game-changing submarine that boasts double the missile capacity of its predecessors, thanks to its eight vertical launch tubes, revolutionizing the country's sea-based nuclear deterrent capabilities. This upgraded vessel displaces 7,000 tonnes submerged and can carry powerful K-4 missiles with a range of 3,500 km or 24 K-15 missiles with a range of 750 km.

Grinex Shutdown Won't Curb Russian Sanctions Evasion
The shutdown of Grinex, a Kyrgyzstan-registered cryptocurrency exchange, highlights the cat-and-mouse game of sanctions evasion, where experts warn that the ecosystem's fragmentation will only make it harder to track illicit activity. As Kaitlin Martin, a senior intelligence analyst at Chainalysis, notes, a fractured ecosystem makes it increasingly difficult to target evasive maneuvers.

Hackers Exploit Weaver E-cology Bug in Targeted Attacks
Hackers are taking advantage of a critical bug in Weaver E-cology, using an exposed debug API endpoint to execute system commands on vulnerable servers without needing login credentials. This security flaw, tracked as CVE-2026-22679, affects Weaver E-cology 10.0 builds prior to March 12.

Ransomware Breach Exposes Sensitive Data at Sandhills Medical Foundation
Sandhills Medical Foundation suffered a devastating ransomware attack on May 8, 2025, putting sensitive data at risk. Affected individuals were not notified until April 2026, nearly 11 months later, sparking an investigation into the breach.

Indo-Pacific Emerges as Crucial Hub in Global Spyware Market
The Indo-Pacific region is now a critical hotspot in the global spyware market, playing a pivotal role in determining the fate of efforts to curb the proliferation of spyware. Its influence will have far-reaching consequences for governments, civil society, and even criminal networks.

Cybersecurity Experts Imprisoned for Ransomware Extortion Scheme
Two American cybersecurity experts, Ryan Goldberg and Kevin Martin, have been sentenced to prison for their roles in a brazen 2023 ransomware campaign that targeted companies across the United States. Their crimes have brought to light the severe consequences of cyberattacks and the importance of protecting businesses from such threats.

Silver Fox Targets India, Russia with ABCDoor Malware via Tax Phishing
Meet Silver Fox, a China-based cybercrime group that's using tax phishing scams to deliver a sneaky new malware called ABCDoor, targeting India and Russia with cleverly crafted emails that masquerade as official tax notices. The group's tactics involve PDFs with links to infected archives, tricking victims into downloading the malware.

Iran's Shahed Drone Imposes Cost-Exchange Crisis on US Air Defences
Iran's massive production of Shahed drones, potentially reaching 400-500 units monthly, has transformed these once-nuisance weapons into a game-changing force that could redefine the US-Iran conflict. With Iranian and Russian facilities churning out over 200 units per month, US air defenses now face a daunting cost-exchange crisis.

US Airstrikes Expose Limits of American Power Against Iran
Within days of the US and Israel launching a massive air campaign against Iran, the scale of Iran's retaliation - over 500 ballistic missiles and 2,000 drones - dramatically reshaped the war's trajectory. The initial barrage of 900 strikes in just 12 hours, targeting military sites, nuclear facilities, and top officials, came at a staggering $3.7 billion cost in the first 100 hours alone.