Tag: espionage
-
Silver Fox APT Uses Weaponized Medical Software to Deploy Remote Access Tools and Disable AV
The China-based advanced persistent threat (APT) group Silver Fox, also known as Void Arachne or The Great Thief of Valley, has been identified as the orchestrator of a complex multi-stage campaign targeting healthcare delivery organizations (HDOs) and public sector entities. Active since 2024 and believed to be state-sponsored, Silver Fox is deploying cyber espionage and…
-
China-linked group Salt Typhoon breached satellite firm Viasat
China-linked APT Typhoon has reportedly targeted satellite firm Viasat, the group has breached multiple telecom providers in the past. China-linked APT group Salt Typhoon hacked the satellite communications firm Viasat, the cyber-espionage group has previously breached the networks of multiple other telecom providers in the United States and globally. Viasat is a global communications company…
-
Telecom giant Viasat breached by China’s Salt Typhoon hackers
Satellite communications company Viasat is the latest victim of China’s Salt Typhoon cyber-espionage group, which has previously hacked into the networks of multiple other telecom providers in the United States and worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/telecom-giant-viasat-breached-by-chinas-salt-typhoon-hackers/
-
Hackers Exploiting Chrome Zero”‘Day Vulnerability in the Wild
A newly discovered zero-day vulnerability in Google Chrome, tracked as CVE-2025-2783, is being actively exploited by hackers in sophisticated cyber-espionage campaigns. Security researchers have observed a surge in targeted attacks leveraging this flaw, with attribution pointing to the advanced persistent threat (APT) group Team46, also known as TaxOff. The Attack Campaign The first signs of…
-
US critical infrastructure could become casualty of Iran-Israel conflict
Researchers warn that Iran-aligned threat groups could soon target U.S. companies and individuals in cyber espionage or sabotage attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/us-critical-infrastructure-iran-israel-conflict/750799/
-
Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) For … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/15/week-in-review-microsoft-fixes-exploited-zero-day-mirai-botnets-target-unpatched-wazuh-servers/
-
Fog ransomware gang abuses employee monitoring tool in unusual multi-stage attack
Tags: attack, china, cloud, control, corporate, encryption, espionage, exploit, google, group, intelligence, microsoft, monitoring, network, open-source, penetration-testing, ransomware, service, threat, toolOpen-source pen testers for executing commands: Another peculiarity observed in the attack was the use of open-source penetration testing tools, like GC2 and Adaptix C2, rarely seen with ransomware attacks.Google Command and Control (GC2) is an open-source post-exploitation tool that allows attackers to control compromised systems using legitimate cloud services like Google Sheets and Google…
-
40,000 security cameras exposed, raises espionage concerns
First seen on scworld.com Jump to article: www.scworld.com/news/40000-security-cameras-exposed-raises-espionage-concerns
-
Patch Tuesday: Microsoft Patches 68 Security Flaws, Including One for Targeted Espionage
Security experts offer their takes on some of the flaws, including a set of vulnerabilities that could enable remote code execution in Microsoft Office. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-patch-tuesday-june/
-
China-linked hackers target cybersecurity firms, governments in global espionage campaign
Tags: access, awareness, china, ciso, cyber, cybersecurity, defense, detection, espionage, government, hacker, infrastructure, intelligence, Internet, monitoring, threatDeployed PurpleHaze for broader espionage: Researchers reported that in October 2024, they detected and mitigated a reconnaissance operation targeting SentinelOne, which they identified as part of a broader activity cluster known as PurpleHaze.As noted earlier, this PurpleHaze activity shared infrastructure with the campaign behind the re-compromise of the South Asian government entity, suggesting a stronger…
-
Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)
For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/11/microsoft-fixes-zero-day-exploited-for-cyber-espionage-cve-2025-33053/
-
Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)
For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/11/microsoft-fixes-zero-day-exploited-for-cyber-espionage-cve-2025-33053/
-
China-linked threat actor targeted +70 orgs worldwide, SentinelOne warns
Tags: attack, china, cyber, cyberespionage, cybersecurity, espionage, government, infrastructure, threatChina-linked threat actor targeted over 70 global organizations, including governments and media, in cyber-espionage attacks from July 2024 to March 2025. In April 2025, cybersecurity firm SentinelOne warned that a China-linked threat actor, tracked as PurpleHaze, attempted to conduct reconnaissance on its infrastructure and high-value clients. The activity suggests targeted cyberespionage efforts aimed at gathering…
-
New Report Reveals Chinese Hackers Attempted to Breach SentinelOne Servers
SentinelLABS, a sophisticated reconnaissance operation targeting SentinelOne, a leading cybersecurity vendor, has been detailed as part of a broader espionage campaign linked to China-nexus threat actors. Tracked under the activity clusters PurpleHaze and ShadowPad, these operations spanned from July 2024 to March 2025, affecting over 70 organizations worldwide across sectors like government, media, manufacturing, finance,…
-
Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group
The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets between July 2024 and March 2025.”The victimology includes a South Asian government entity, a European media organization, and more than 70 organizations across a wide range of sectors,” security researchers Aleksandar Milenkoski and Tom First…
-
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS
SentinelLABS uncovers widespread China-linked cyber espionage targeting over 70 global organizations and cybersecurity firms between July 2024 and… First seen on hackread.com Jump to article: hackread.com/chinese-linked-hackers-targeted-global-organizations/
-
China-Backed Hackers Target SentinelOne in ‘PurpleHaze’ Attack Spree
Known threat groups APT15 and UNC5174 unleashed attacks against SentinelOne and more than 70 other high-value targets, as part of ongoing cyber-espionage and other malicious activity involving ShadowPad malware. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/china-hackers-target-sentinelone-purplehaze-attack
-
APT41 Hackers Leverage Google Calendar for Malware C2 in Attacks on Government Entities
The Chinese state-sponsored threat actor APT41, also known as BARIUM, Wicked Panda, and Brass Typhoon, has been reported to exploit Google Calendar as a command-and-control (C2) mechanism in a recent campaign targeting a Taiwanese government website. This sophisticated group, active since at least 2012, is notorious for blending cyber espionage with financially motivated cybercrime, hitting…
-
Kimsuky Strikes Again Coordinated Attacks Target Facebook, Email, and Telegram
A recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent threat (APT) group known as Kimsuky. Between March and April 2025, the group leveraged Facebook, email, and Telegram to infiltrate targets primarily within the defense sector, North Korea-related activists, and cryptocurrency…
-
Iranian Espionage Group Caught Spying on Kurdish Officials
BladedFeline Hackers Spying on Kurdish Officials Since at Least 2017. An Iranian state espionage group stayed hidden for more than half-a-decade until security researchers spotted it in 2023, researchers said Thursday in a report detailing a growing arsenal of hacking tools it deployed against Kurdish and Iraqi government officials. First seen on govinfosecurity.com Jump to…
-
New Chaos RAT Targets Linux and Windows Users to Steal Sensitive Data
A new wave of cyber threats has emerged with the discovery of updated variants of Chaos RAT, a notorious open-source remote administration tool (RAT) first identified in 2022. As reported by Acronis TRU researchers in their recent 2025 analysis, this malware continues to evolve, targeting both Linux and Windows environments with sophisticated capabilities for espionage…
-
New evidence links long-running hacking group to Indian government
Two cybersecurity companies issued reports tying a cyber-espionage group known as Bitter or TA397 more directly to the Indian government. First seen on therecord.media Jump to article: therecord.media/india-cyber-espionage-bitter-ta397
-
TA397 Hackers Exploits Scheduled Tasks to Deploy Malware on Targeted Systems
A recent in-depth analysis by Proofpoint Threat Research has shed light on the sophisticated operations of TA397, also known as Bitter, a suspected state-backed threat actor highly likely aligned with Indian intelligence interests. Identified as an espionage-focused group, TA397 has been actively targeting entities across Europe and Asia, particularly those with connections to China, Pakistan,…
-
Iranian APT ‘BladedFeline’ Hides in Network for 8 Years
ESET published research on the Iranian APT BladedFeline, which researchers believe is a subgroup of the cyber-espionage entity APT34. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/iranian-apt-bladedfeline-hides-network-8-years
-
DIA IT specialist charged in espionage attempt
Tags: espionageFirst seen on scworld.com Jump to article: www.scworld.com/brief/dia-it-specialist-charged-in-espionage-attempt
-
Dutch Minister Warns of Heightened Chinese Espionage Threats
Dutch Semiconductor Sector Among Chinese Targets. Chinese nation state groups ramped up espionage campaigns against Dutch critical infrastructure in recent months, said a state official who added that discussions are underway in the European Union on how to minimize Chinese threats. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/dutch-minister-warns-heightened-chinese-espionage-threats-a-28574
-
China-linked hackers exploit Google Calendar in cyberattacks on governments
Tags: china, cyber, cyberattack, espionage, exploit, google, government, hacker, intelligence, threatGoogle Threat Intelligence spotted the China-based operation known as APT41 leveraging the company’s own Calendar app as part of a cyber-espionage campaign. First seen on therecord.media Jump to article: therecord.media/china-linked-apt41-exploits-google-calendar-in-cyberattacks