CrowdStrike has named and profiled a previously unreported China‑nexus cyberespionage cluster it calls WARP PANDA, a highly capable group that has spent years quietly breaching and persisting inside U.S. hybrid‑cloud and VMware environments to harvest high‑value data for intelligence purposes...
Kaspersky’s Global Research and Analysis Team (GReAT) has publicly exposed an active, server‑focused cyberespionage campaign — tracked as PassiveNeuron — that has compromised Internet‑facing Windows Server systems in government, financial and industrial environments across Asia, Africa and Latin...
Kaspersky’s Global Research and Analysis Team (GReAT) has exposed an active, server‑focused cyberespionage campaign — tracked as PassiveNeuron — that specifically targets Windows Server hosts in government, financial and industrial networks across Asia, Africa and Latin America, with activity...
Kaspersky’s GReAT team has pulled back the curtain on a deliberately targeted cyber‑espionage operation they call PassiveNeuron, a campaign that focuses on Windows Server hosts and employs a multi‑stage DLL loader chain, two previously undocumented implants (Neursite and NeuralExecutor) and...
GitHub’s secret scanning now includes built‑in validators for MongoDB, Meta (Facebook), and multiple Microsoft Azure token types, expanding the service’s ability to tell you not just that a secret was leaked but whether that secret is still usable — a capability that meaningfully changes how...
China-linked state actors have spent the last several years systematically compromising backbone and edge networking equipment — from provider-edge routers to customer-facing devices — to build a global espionage capability that steals subscriber metadata, intercepts authentication traffic, and...
Israel's military intelligence agency, Unit 8200, has been utilizing Microsoft's Azure cloud platform to store and analyze vast amounts of intercepted Palestinian communications, including millions of phone calls from Gaza and the occupied West Bank. This cloud-based system, operational since...
ai in warfare
cloud security
cyberespionage
data collection
human rights
israel
israeli military
israeli-palestinian conflict
microsoft azure
military intelligence
military technology
palestinian surveillance
privacy
privacy violations
surveillance
tech ethics
unit 8200
North Korea’s infamous Lazarus Group has returned to the international cyber stage with worrying new tactics. In a move that marks a tactical shift from sheer disruption to subtle infiltration, recent research reveals the group is seeding malware-laden open source software, bringing fresh...
Here is a summary of the main points from the article on The Register regarding China's accusation against US intelligence:
Chinese Claims: China has accused US intelligence agencies of exploiting a Microsoft Exchange zero-day vulnerability to steal defense-related data and control more than 50...
china
chinese military
cyber defense
cyberespionage
cyber intrusions
cyberattack
cybersecurity
data theft
digital warfare
exchange server
information security
international cyber conflicts
military cybersecurity
network security
state-sponsored hacking
us china relations
us intelligence
zero-day vulnerabilities
In April 2025, Chinese authorities in Harbin accused the U.S. National Security Agency (NSA) of conducting sophisticated cyberattacks during the February Asian Winter Games, targeting critical infrastructure such as energy, transportation, and defense institutions in Heilongjiang province. The...
china
cyber defense
cyberespionage
cyber policy
cyber threats
cyberattack prevention
cybercrime alliances
cybersecurity
digital security
digital warfare
global cyber threats
information warfare
international tensions
nsa
ransomware
sharepoint
state-sponsored attacks
us relations
vulnerabilities
zero-day vulnerabilities
Foreign embassies in Moscow are facing an unprecedented onslaught of cyber espionage, orchestrated by Russian state-backed hackers leveraging an array of advanced techniques to compromise their digital security. According to recent disclosures from Microsoft Threat Intelligence, these actors...
Diplomatic missions working in Moscow now face a newly exposed, advanced cyber threat: Secret Blizzard’s adversary-in-the-middle (AiTM) campaign, designed to penetrate even the most security-conscious organizations. According to detailed analysis from Microsoft Threat Intelligence, this Russian...
In a revelation that has sent shockwaves through diplomatic circles and cybersecurity communities alike, recent investigations have exposed a Kremlin-backed espionage campaign leveraging local internet service providers (ISPs) within Moscow to target foreign embassies and siphon intelligence...
Microsoft has recently announced a significant policy change: the company will no longer permit engineers based in China to provide technical support for cloud services utilized by the U.S. Department of Defense (DoD). This decision follows investigative reports that raised concerns about...
china-based engineers
cloud computing
cloud policy
contractors
cyberespionage
cyber threats
cybersecurity
cybersecurity risks
digital oversight
government security
microsoft
military data security
national security
security investigation
security protocols
software support
supply chain security
tech regulation
u.s. department of defense
In recent weeks, the technology industry has been rattled by revelations that Microsoft, the world’s largest software company and a linchpin of US government cloud infrastructure, permitted engineers based in China to provide maintenance and support for American government agencies utilizing its...
ai infrastructure
cloud security
cloud sovereignty
cloud support
cost cutting
cyberespionage
cyber threats
cybersecurity risks
foreign nationals
global tech industry
government
government cloud
microsoft
microsoft azure
national security
privacy
regulation
tech industry
tech regulation
us china relations
Amid heightening U.S.-China tech rivalry and gathering clouds of suspicion around supply chain security, Microsoft’s recently announced decision to cease using China-based engineers for support on Pentagon cloud projects marks both a watershed moment for defense technology policy and a sobering...
The recent revelation that the U.S. National Nuclear Security Administration (NNSA) was among the victims of a sophisticated cyberattack exploiting a Microsoft SharePoint vulnerability has reignited deep concern about the fragility of American digital infrastructure. The implications extend far...
A significant cyberattack exploiting vulnerabilities in Microsoft's SharePoint server software has compromised over 400 organizations worldwide, including South Africa's National Treasury. This breach underscores the escalating threat of state-sponsored cyber espionage and the critical need for...
A significant cybersecurity incident has recently unfolded, targeting Microsoft SharePoint servers worldwide. This attack has compromised numerous organizations, including government agencies and businesses, by exploiting previously unknown vulnerabilities in SharePoint's on-premises software...
Microsoft has recently issued an urgent alert regarding active cyberattacks targeting its on-premises SharePoint Server software. These attacks exploit previously unknown vulnerabilities, commonly referred to as "zero-day" exploits, allowing unauthorized access to sensitive organizational data...