Tag: espionage
-
China-Linked Warp Panda Targets North American Firms in Espionage Campaign
CrowdStrike warned that Warp Panda, a China-linked cyber-espionage group, is targeting US organizations to steal sensitive data and support Beijing’s strategic interests First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinalinked-warp-panda/
-
BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions
Tags: apt, backdoor, china, cisa, cyber, cybersecurity, data-breach, espionage, infrastructure, threatCISA details BRICKSTORM, a China-linked backdoor used by China-linked APTs to secure long-term persistence on compromised systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed technical details on BRICKSTORM, a backdoor used by China state-sponsored threat actors to gain and maintain long-term persistence on compromised systems, highlighting ongoing PRC cyber-espionage activity. >>The Cybersecurity…
-
Patchwork APT Deploys StreamSpy Trojan, Hiding C2 Commands in WebSocket Traffic for Stealth Espionage
The post Patchwork APT Deploys StreamSpy Trojan, Hiding C2 Commands in WebSocket Traffic for Stealth Espionage appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/patchwork-apt-deploys-streamspy-trojan-hiding-c2-commands-in-websocket-traffic-for-stealth-espionage/
-
Officials warn about expansive, ongoing China espionage threat riding on Brickstorm malware
The attacks, which have impacted dozens of organizations, date back at least three years, lasting an average of 393 days. And that’s just what’s been uncovered in the last four months. First seen on cyberscoop.com Jump to article: cyberscoop.com/china-brickstorm-malware-cyber-espionage-campaign-cisa-dhs-alert/
-
5 Things To Know On VMware ‘Brickstorm’ Attacks
A wave of China-linked espionage attacks has been observed targeting VMware vSphere systems, and have gained long-term persistence in some cases, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). First seen on crn.com Jump to article: www.crn.com/news/security/2025/5-things-to-know-on-vmware-brickstorm-attacks
-
Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say
Based on a leaked video, security researchers alleged that Intellexa staffers have remote live access to their customers’ surveillance systems, allowing them to see hacking targets’ personal data. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/04/sanctioned-spyware-maker-intellexa-had-direct-access-to-government-espionage-victims-researchers-say/
-
Microsoft quietly shuts down Windows shortcut flaw after years of espionage abuse
Silent Patch Tuesday mitigation ends ability to hide malicious commands in .lnk files First seen on theregister.com Jump to article: www.theregister.com/2025/12/04/microsoft_lnk_bug_fix/
-
How a noisy ransomware intrusion exposed a long-term espionage foothold
Getting breached by two separate and likely unconnected cyber attack groups is a nightmare scenario for any organization, but can result in an unexpected silver lining: the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/02/threat-research-ransomware-espionage-attack/
-
The BOSS Breach: APT36 Pivots to Linux Espionage with >>Silent<< Shortcuts
The post The BOSS Breach: APT36 Pivots to Linux Espionage with >>Silent
-
Tomiris Unleashes ‘Havoc’ With New Tools, Tactics
The Russian-speaking group is targeting government and diplomatic entities in CIS member states and Central Asia in its latest cyber-espionage campaign. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/tomiris-unleashes-havoc-new-tools-tactics
-
Russia limits WhatsApp use, claiming it enables terrorism, crime, espionage
Russian users of WhatsApp reported disruptions as authorities limited access to the app, which they said enabled fraud, terrorism and possibly a recent leak of diplomatic communications with the U.S. First seen on therecord.media Jump to article: therecord.media/russia-whatsapp-restrictions
-
Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign
The House Homeland Security Committee asked Dario Amodei to answer questions about the implications of the attack and how policymakers and AI companies can respond. First seen on cyberscoop.com Jump to article: cyberscoop.com/house-homeland-asks-anthropic-ceo-to-testfy-on-chinese-espionage-campaign/
-
Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign
The House Homeland Security Committee asked Dario Amodei to answer questions about the implications of the attack and how policymakers and AI companies can respond. First seen on cyberscoop.com Jump to article: cyberscoop.com/house-homeland-asks-anthropic-ceo-to-testfy-on-chinese-espionage-campaign/
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
APT35 Data Leak Uncovers the Iranian Hacker Group’s Operations and Tactics
In October 2025, a significant breach exposed internal operational documents from APT35, also known as Charming Kitten, revealing that the Iranian state-sponsored group operates as a bureaucratized, quota-driven cyber-espionage unit with hierarchical command structures, performance metrics, and specialized attack teams. The leaked materials provide an unprecedented window into how this Islamic Revolutionary Guard Corps Intelligence…
-
FCC guts post-Salt Typhoon telco rules despite ongoing espionage risk
Months after China-linked spies burrowed into US networks, regulator tears up its own response First seen on theregister.com Jump to article: www.theregister.com/2025/11/24/fcc_salt_typhoon_rules/
-
FCC guts post-Salt Typhoon telco rules despite ongoing espionage risk
Months after China-linked spies burrowed into US networks, regulator tears up its own response First seen on theregister.com Jump to article: www.theregister.com/2025/11/24/fcc_salt_typhoon_rules/
-
ToddyCat APT Targeting Internal Employee Communications at Organizations
Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
-
ToddyCat APT Targeting Internal Employee Communications at Organizations
Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
-
ToddyCat APT Targeting Internal Employee Communications at Organizations
Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
-
ToddyCat APT Targeting Internal Employee Communications at Organizations
Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
-
ToddyCat APT Targeting Internal Employee Communications at Organizations
Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
-
AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage
In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the……
-
AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage
In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the……
-
Chinese APT24 Deploys Custom Malware, New Stealthy Tactics
3-Year Espionage Campaign Targeted Taiwanese Firms. Chinese nation-state group APT24 targeted multiple Taiwanese companies as part of an espionage operation that went undetected for three years. The hacking group continually updated its malware infrastructure and tactics, enabling it to stay under the radar, Google Cloud said. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-apt24-deploys-custom-malware-new-stealthy-tactics-a-30103
-
FCC Drops Telecom Cyber Rules Despite China Espionage Warnings
Experts say the FCC’s rollback of cyber rules leaves U.S. telecom networks exposed to escalating China-linked espionage threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fcc-drops-telecom-cyber-rules-despite-china-espionage-warnings/