Tag: espionage

Microsoft quietly shuts down Windows shortcut flaw after years of espionage abuse

Dec 4, 2025 4:32 PM

Tags: espionage, flaw, malicious, microsoft, mitigation, update, windows

Silent Patch Tuesday mitigation ends ability to hide malicious commands in .lnk files First seen on theregister.com Jump to article: www.theregister.com/2025/12/04/microsoft_lnk_bug_fix/
How a noisy ransomware intrusion exposed a long-term espionage foothold

Dec 2, 2025 12:49 PM

Tags: attack, cyber, data-breach, espionage, group, ransomware

Getting breached by two separate and likely unconnected cyber attack groups is a nightmare scenario for any organization, but can result in an unexpected silver lining: the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/02/threat-research-ransomware-espionage-attack/
The BOSS Breach: APT36 Pivots to Linux Espionage with >>Silent<< Shortcuts

Dec 2, 2025 1:49 AM

Tags: breach, espionage, linux

The post The BOSS Breach: APT36 Pivots to Linux Espionage with >>Silent
Tomiris Unleashes ‘Havoc’ With New Tools, Tactics

Dec 1, 2025 11:49 PM

Tags: cyber, espionage, government, group, russia, tactics, tool

The Russian-speaking group is targeting government and diplomatic entities in CIS member states and Central Asia in its latest cyber-espionage campaign. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/tomiris-unleashes-havoc-new-tools-tactics
What are zero-day attacks and why do they work?

Dec 1, 2025 6:49 PM

Tags: access, antivirus, attack, breach, bug-bounty, cyber, cybersecurity, data, detection, edr, email, endpoint, espionage, exploit, government, group, hacker, infrastructure, intelligence, malicious, mobile, network, phishing, risk, service, software, spear-phishing, strategy, supply-chain, tactics, threat, tool, unauthorized, update, vulnerability, vulnerability-management, zero-day, zero-trust

No available patch: These exploits are unknown to both vendors and defenders, meaning they have not been identified and patched yet, leaving the door open for attackers.High-value targets: These attacks are often used in cyber espionage, ransomware campaigns, and advanced persistent threats (APTs) to target high-value assets with sensitive data.Difficult to detect: These exploits often are missed by traditional detection tools, especially…
What are zero-day attacks and why do they work?

Dec 1, 2025 6:49 PM

Tags: access, antivirus, attack, breach, bug-bounty, cyber, cybersecurity, data, detection, edr, email, endpoint, espionage, exploit, government, group, hacker, infrastructure, intelligence, malicious, mobile, network, phishing, risk, service, software, spear-phishing, strategy, supply-chain, tactics, threat, tool, unauthorized, update, vulnerability, vulnerability-management, zero-day, zero-trust

No available patch: These exploits are unknown to both vendors and defenders, meaning they have not been identified and patched yet, leaving the door open for attackers.High-value targets: These attacks are often used in cyber espionage, ransomware campaigns, and advanced persistent threats (APTs) to target high-value assets with sensitive data.Difficult to detect: These exploits often are missed by traditional detection tools, especially…
Russia limits WhatsApp use, claiming it enables terrorism, crime, espionage

Dec 1, 2025 5:49 PM

Tags: access, communications, crime, espionage, fraud, leak, russia, terrorism

Russian users of WhatsApp reported disruptions as authorities limited access to the app, which they said enabled fraud, terrorism and possibly a recent leak of diplomatic communications with the U.S. First seen on therecord.media Jump to article: therecord.media/russia-whatsapp-restrictions
Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign

Nov 26, 2025 7:50 PM

Tags: ai, attack, ceo, china, espionage

The House Homeland Security Committee asked Dario Amodei to answer questions about the implications of the attack and how policymakers and AI companies can respond. First seen on cyberscoop.com Jump to article: cyberscoop.com/house-homeland-asks-anthropic-ceo-to-testfy-on-chinese-espionage-campaign/
Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign

Nov 26, 2025 7:50 PM

Tags: ai, attack, ceo, china, espionage

The House Homeland Security Committee asked Dario Amodei to answer questions about the implications of the attack and how policymakers and AI companies can respond. First seen on cyberscoop.com Jump to article: cyberscoop.com/house-homeland-asks-anthropic-ceo-to-testfy-on-chinese-espionage-campaign/
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens

Nov 26, 2025 1:49 PM

Tags: access, apt, backdoor, cloud, corporate, detection, email, espionage, government, group, kaspersky, mail, malicious, microsoft, military, network, open-source, software, tactics, theft, tool

Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens

Nov 26, 2025 1:49 PM

Tags: access, apt, backdoor, cloud, corporate, detection, email, espionage, government, group, kaspersky, mail, malicious, microsoft, military, network, open-source, software, tactics, theft, tool

Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
APT35 Data Leak Uncovers the Iranian Hacker Group’s Operations and Tactics

Nov 25, 2025 1:49 AM

Tags: attack, breach, cyber, data, data-breach, espionage, group, hacker, intelligence, iran, leak, metric, tactics

In October 2025, a significant breach exposed internal operational documents from APT35, also known as Charming Kitten, revealing that the Iranian state-sponsored group operates as a bureaucratized, quota-driven cyber-espionage unit with hierarchical command structures, performance metrics, and specialized attack teams. The leaked materials provide an unprecedented window into how this Islamic Revolutionary Guard Corps Intelligence…
FCC guts post-Salt Typhoon telco rules despite ongoing espionage risk

Nov 24, 2025 3:49 PM

Tags: china, espionage, network, risk

Months after China-linked spies burrowed into US networks, regulator tears up its own response First seen on theregister.com Jump to article: www.theregister.com/2025/11/24/fcc_salt_typhoon_rules/
FCC guts post-Salt Typhoon telco rules despite ongoing espionage risk

Nov 24, 2025 2:49 PM

Tags: china, espionage, network, risk

Months after China-linked spies burrowed into US networks, regulator tears up its own response First seen on theregister.com Jump to article: www.theregister.com/2025/11/24/fcc_salt_typhoon_rules/
ToddyCat APT Targeting Internal Employee Communications at Organizations

Nov 24, 2025 12:49 PM

Tags: apt, communications, corporate, cyber, espionage, group, kaspersky, organized, threat

Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
ToddyCat APT Targeting Internal Employee Communications at Organizations

Nov 24, 2025 12:49 PM

Tags: apt, communications, corporate, cyber, espionage, group, kaspersky, organized, threat

Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
ToddyCat APT Targeting Internal Employee Communications at Organizations

Nov 24, 2025 12:49 PM

Tags: apt, communications, corporate, cyber, espionage, group, kaspersky, organized, threat

Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
ToddyCat APT Targeting Internal Employee Communications at Organizations

Nov 24, 2025 12:49 PM

Tags: apt, communications, corporate, cyber, espionage, group, kaspersky, organized, threat

Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
ToddyCat APT Targeting Internal Employee Communications at Organizations

Nov 24, 2025 12:49 PM

Tags: apt, communications, corporate, cyber, espionage, group, kaspersky, organized, threat

Advanced persistent threat actors continue to develop sophisticated techniques for compromising corporate communications, with the ToddyCat APT group demonstrating remarkable evolution in their operational capabilities. Recent research from Kaspersky reveals how this highly organized espionage group has refined methods for covertly accessing internal employee communications at target organizations throughout the second half of 2024 and…
AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage

Nov 24, 2025 7:49 AM

Tags: ai, attack, china, cyber, espionage, hacking, tool

In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the……
AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage

Nov 24, 2025 7:49 AM

Tags: ai, attack, china, cyber, espionage, hacking, tool

In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the……
Chinese APT24 Deploys Custom Malware, New Stealthy Tactics

Nov 22, 2025 12:49 AM

Tags: china, cloud, espionage, google, group, hacking, infrastructure, malware, tactics

3-Year Espionage Campaign Targeted Taiwanese Firms. Chinese nation-state group APT24 targeted multiple Taiwanese companies as part of an espionage operation that went undetected for three years. The hacking group continually updated its malware infrastructure and tactics, enabling it to stay under the radar, Google Cloud said. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-apt24-deploys-custom-malware-new-stealthy-tactics-a-30103
FCC Drops Telecom Cyber Rules Despite China Espionage Warnings

Nov 21, 2025 10:49 PM

Tags: china, cyber, data-breach, espionage, network

Experts say the FCC’s rollback of cyber rules leaves U.S. telecom networks exposed to escalating China-linked espionage threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fcc-drops-telecom-cyber-rules-despite-china-espionage-warnings/
LINE Messaging Bugs Open Asian Users to Cyber Espionage

Nov 21, 2025 10:49 PM

Tags: attack, cyber, espionage

In a potential gift to geopolitical adversaries, the encrypted messaging app uses a leaky custom protocol that allows message replays, impersonation attacks, and sensitive information exposure from chats. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/line-messaging-bugs-asian-cyber-espionage
FCC Drops Telecom Cyber Rules Despite China Espionage Warnings

Nov 21, 2025 10:49 PM

Tags: china, cyber, data-breach, espionage, network

Experts say the FCC’s rollback of cyber rules leaves U.S. telecom networks exposed to escalating China-linked espionage threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fcc-drops-telecom-cyber-rules-despite-china-espionage-warnings/
LINE Messaging Bugs Open Asian Users to Cyber Espionage

Nov 21, 2025 10:49 PM

Tags: attack, cyber, espionage

In a potential gift to geopolitical adversaries, the encrypted messaging app uses a leaky custom protocol that allows message replays, impersonation attacks, and sensitive information exposure from chats. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/line-messaging-bugs-asian-cyber-espionage
FCC Drops Telecom Cyber Rules Despite China Espionage Warnings

Nov 21, 2025 10:49 PM

Tags: china, cyber, data-breach, espionage, network

Experts say the FCC’s rollback of cyber rules leaves U.S. telecom networks exposed to escalating China-linked espionage threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fcc-drops-telecom-cyber-rules-despite-china-espionage-warnings/
LINE Messaging Bugs Open Asian Users to Cyber Espionage

Nov 21, 2025 10:49 PM

Tags: attack, cyber, espionage

In a potential gift to geopolitical adversaries, the encrypted messaging app uses a leaky custom protocol that allows message replays, impersonation attacks, and sensitive information exposure from chats. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/line-messaging-bugs-asian-cyber-espionage
AI as Cyberattacker

Nov 21, 2025 7:49 PM

Tags: ai, china, cyberattack, espionage, finance, government, threat, tool

From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree”, using AI not just as an advisor, but to execute the cyberattacks themselves. The threat actor”, whom we assess with high confidence was a Chinese…
AI as Cyberattacker

Nov 21, 2025 7:49 PM

Tags: ai, china, cyberattack, espionage, finance, government, threat, tool

From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree”, using AI not just as an advisor, but to execute the cyberattacks themselves. The threat actor”, whom we assess with high confidence was a Chinese…