Nation-State

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley

APT, China, espionage, FishMedley, i-Soon, Nation-State /

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley 2025-03-21 at 14:16 By Ionut Arghire The FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign. The post Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

React to this headline:

Loading spinner

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley Read More »

Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers

backdoor, China, Juniper, Junos OS, Mandiant, Nation-State, Network Security, UNC3886 /

Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers 2025-03-12 at 18:45 By Ryan Naraine China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers. The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers Read More »

1,600 Victims Hit by South American APT’s Malware

APT, Blind Eagle, Colombia, cyberespionage, Nation-State, South America /

1,600 Victims Hit by South American APT’s Malware 2025-03-11 at 14:08 By Ionut Arghire South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign. The post 1,600 Victims Hit by South American APT’s Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

1,600 Victims Hit by South American APT’s Malware Read More »

How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist

Bybit, Cryptocurrency, Ethereum, Lazarus, Malware & Threats, Nation-State, North Korea, SafeWallet /

How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist 2025-03-07 at 01:09 By Ryan Naraine The $1.4 billion ByBit cryptocurrency heist combined social engineering, stolen AWS session tokens, MFA bypasses and a rigged JavaScript file. The post How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist Read More »

China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain

BeyondTrust, Malware & Threats, Nation-State, PostgreSQL, Silk Typhoon, supply chain, US Treasury /

China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain 2025-03-05 at 18:02 By Ryan Naraine Silk Typhoon APT caught using IT supply chain entry points to conduct reconnaissance, siphon data, and move laterally on victim networks. The post China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain appeared first on SecurityWeek.

React to this headline:

Loading spinner

China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain Read More »

Iranian Hackers Target UAE Firms With Polyglot Files

cyberespionage, Iran, Nation-State, UAE /

Iranian Hackers Target UAE Firms With Polyglot Files 2025-03-05 at 16:08 By Ionut Arghire An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano. The post Iranian Hackers Target UAE Firms With Polyglot Files appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Iranian Hackers Target UAE Firms With Polyglot Files Read More »

North Korean Fake IT Workers Pose as Blockchain Developers on GitHub

fake IT workers, Nation-State, North Korea /

North Korean Fake IT Workers Pose as Blockchain Developers on GitHub 2025-03-05 at 15:03 By Ionut Arghire North Korean fake IT workers are creating personas on GitHub to land blockchain developer jobs at US and Japanese firms. The post North Korean Fake IT Workers Pose as Blockchain Developers on GitHub appeared first on SecurityWeek. This

React to this headline:

Loading spinner

North Korean Fake IT Workers Pose as Blockchain Developers on GitHub Read More »

Freelance Software Developers in North Korean Malware Crosshairs

AnyDesk, DeceptiveDevelopment, ESET, fake IT workers, LinkedIn, Malware & Threats, Nation-State, North Korea /

Freelance Software Developers in North Korean Malware Crosshairs 2025-02-21 at 18:01 By Ionut Arghire ESET says hundreds of freelance software developers have fallen victim to North Korean hackers posing as recruiters. The post Freelance Software Developers in North Korean Malware Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Freelance Software Developers in North Korean Malware Crosshairs Read More »

Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics

China, Cisco, Cisco Talos, CVE-2018-0171, Nation-State, Salt Typhoon, Vulnerabilities /

Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics 2025-02-21 at 17:04 By Ryan Naraine Cisco Talos observed Chinese hackers team pivoting from a compromised device operated by one telecom to target a device in another telecom. The post Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics Read More »

How China Pinned University Cyberattacks on NSA Hackers

China, cyberespionage, Equation Group, Featured, Nation-State, NSA, university /

How China Pinned University Cyberattacks on NSA Hackers 2025-02-21 at 14:34 By Ionut Arghire A researcher dives into Chinese reports attributing cyberattacks on Northwestern Polytechnical University to the NSA’s TAO division. The post How China Pinned University Cyberattacks on NSA Hackers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

How China Pinned University Cyberattacks on NSA Hackers Read More »

Chinese APT Tools Found in Ransomware Schemes, Blurring Attribution Lines

APT41, China APT, cybercrime, Malware & Threats, Nation-State, PlugX, Ransomware, Shadowpad, Symantec, Trend Micro /

Chinese APT Tools Found in Ransomware Schemes, Blurring Attribution Lines 2025-02-20 at 19:29 By Ryan Naraine China-linked cyberespionage toolkits are popping up in ransomware attacks, forcing defenders to rethink how they combat state-backed hackers. The post Chinese APT Tools Found in Ransomware Schemes, Blurring Attribution Lines appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Chinese APT Tools Found in Ransomware Schemes, Blurring Attribution Lines Read More »

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying

APT44, cyberespionage, Malware & Threats, Mandiant, Nation-State, QR code, Sandworm, Signal Messenger /

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying 2025-02-19 at 13:04 By Ryan Naraine Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations. The post How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying appeared first on SecurityWeek.

React to this headline:

Loading spinner

How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying Read More »

Russian State Hackers Target Organizations With Device Code Phishing

device code phishing, Microsoft, Nation-State, phishing, Russia, Storm-2372 /

Russian State Hackers Target Organizations With Device Code Phishing 2025-02-17 at 14:49 By Ionut Arghire Russian hackers have been targeting government, defense, telecoms, and other organizations in a device code phishing campaign. The post Russian State Hackers Target Organizations With Device Code Phishing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Russian State Hackers Target Organizations With Device Code Phishing Read More »

Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks

China, Nation-State, Salt Typhoon, telecoms /

Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks 2025-02-14 at 14:05 By Ionut Arghire China-linked APT Salt Typhoon has been exploiting known vulnerabilities in Cisco devices in attacks on telecom providers in the US and abroad. The post Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks Read More »

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation

BeyondTrust, CVE-2024-12356, CVE-2025-1094, Nation-State, Rapid7, Treasury, Vulnerabilities /

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation 2025-02-13 at 22:20 By Ryan Naraine Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product. The post Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation Read More »

Italian Government Denies It spied on Journalists and Migrant Activists Using Paragon Spyware

Mobile & Wireless, Nation-State, spyware /

Italian Government Denies It spied on Journalists and Migrant Activists Using Paragon Spyware 2025-02-12 at 22:00 By Associated Press The Italian government denied it hacked seven cellphones with military-grade surveillance technology from Paragon Solutions. The post Italian Government Denies It spied on Journalists and Migrant Activists Using Paragon Spyware appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Italian Government Denies It spied on Journalists and Migrant Activists Using Paragon Spyware Read More »

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft

APT44, Microsoft, Nation-State, Russia, Sandworm, Seashell Blizzard /

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft 2025-02-12 at 19:10 By Ionut Arghire A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence. The post Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft Read More »

Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack 

apple, Citizen Lab, CVE-2025-24200, iOS, iOS 18.3.1, Malware & Threats, Nation-State, USB Restricted Mode /

Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack  2025-02-10 at 22:01 By Ryan Naraine Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific targeted individuals.”  The post Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack  Read More »

North Korean Fake IT Workers More Aggressively Extorting Enterprises

fake IT workers, FBI, Nation-State, North Korea /

North Korean Fake IT Workers More Aggressively Extorting Enterprises 2025-01-24 at 18:01 By Ionut Arghire North Korean fake IT workers are more aggressively extorting their employers in response to law enforcement actions. The post North Korean Fake IT Workers More Aggressively Extorting Enterprises appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

North Korean Fake IT Workers More Aggressively Extorting Enterprises Read More »

North Korea Hackers Linked to Breach of German Missile Manufacturer

APT43, Diehl Defence, Kimsuky, Mandiant, Nation-State, North Korea, phishing /

North Korea Hackers Linked to Breach of German Missile Manufacturer 2024-09-30 at 20:46 By Ryan Naraine The targeting of Diehl Defence is significant because the company specializes in the production of missiles and ammunition. The post North Korea Hackers Linked to Breach of German Missile Manufacturer appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

North Korea Hackers Linked to Breach of German Missile Manufacturer Read More »

Scroll to Top