News • Insights • Analysis
Google Threat Intelligence Group (GTIG) has identified a sophisticated campaign attributed to UNC6508, a People’s Republic of China (PRC)-nexus threat actor, targeting institutions in the North American academic, medical, and military research community. While remaining undetected for over a year, Read More …
Russia’s domestic spy agency says it has uncovered a sprawling foreign espionage operation that allegedly turned the smartphones of senior Russian officials into pocket-sized surveillance devices, though it has so far offered little in the way of evidence. In a statement Read More …
Researchers at Rapid7 say that they have spotted what they believe was an Iranian intelligence cyber unit masquerading as the Chaos ransomware gang to hide a state-sponsored espionage operation. The intrusion was spotted earlier this year, and investigators say breadcrumbs Read More …
Through ongoing analysis of ShadowPad implants targeting South and Southeast Asia, TrendAI Research has uncovered a series of new related campaigns that are tracked under a temporary intrusion set (a provisional cluster of related activity pending formal attribution) designated SHADOW-EARTH-053, Read More …
Enterprises have long trusted Wi-Fi encryption and client isolation to secure their wireless infrastructure. However, Palo Alto conducted research presented at the NDSS Symposium 2026 that reveals that these safeguards can be breached by a novel set of attack techniques Read More …
British security officials found that a group linked to the Russian military is spying on users of compromised Small Office/Home Office (SOHO) routers in a broad cyber espionage campaign. A Microsoft blog goes into the technical details of these attacks. Read More …
Security researchers say they have identified a hack-for-hire group targeting journalists, activists, and government officials across the Middle East and North Africa. The hackers used phishing attacks to access targets’ iCloud backups and messaging accounts on Signal, and deployed Android Read More …
Iran-linked cyber operations are drawing renewed attention for relying less on advanced code and more on human manipulation to gain access to sensitive systems. At the centre of this activity is Charming Kitten, a group associated with Iran’s security apparatus Read More …
Southeast Asian governments were recently targeted by a highly sophisticated supply chain attack as part of a wider cyber-espionage campaign, which experts believe is the work of the Chinese government. Security researchers Check Point detailed their findings on Operation TrueChaos, Read More …
Suspected Iran-linked threat actors are conducting password-spraying attacks against hundreds of organizations, primarily Middle Eastern municipalities, in campaigns that security researchers believe may have been aimed at supporting bomb-damage assessment following missile strikes. Tel Aviv-based Check Point Research on Tuesday Read More …
