espionage Archives

Feds quash widespread Russia-backed espionage network spanning 18,000 devices

Forest Blizzard, a threat group attributed to Russia’s GRU, hijacked network traffic to steal credentials and tokens for Microsoft accounts and other services.

Apr 7, 2026 By Matt Kapko

A Stryker logo on a healthcare lamp. (Getty Images)

Stryker attack highlights nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict

It’s been difficult early on to separate signal from noise, even if the attack on the medical device maker looks like a qualified success for the attackers.

Mar 12, 2026 By Tim Starks Drew F. Lawrence

Members of the Peoples Liberation Army band leave after the closing session of the Chinese People’s Political Consultative Conference, or CPPCC, at the Great Hall of the People on March 10, 2025 in Beijing. (Photo by Kevin Frayer/Getty Images)

China-based espionage group compromised Notepad++ for six months

The Chinese APT group Lotus Blossom intruded the tool’s internal systems to snoop on a limited set of users’ activities, according to researchers.

Feb 2, 2026 By Matt Kapko

North Korea Worker's Party Monument — The North Korea Worker’s Party Monument in Pyongyang. (Getty Images)

Long-running North Korea threat group splits into 3 distinct operations

The trio, which share lineage with the more broadly defined Lazarus Group, are focused on espionage and cryptocurrency theft, according to CrowdStrike.

Jan 29, 2026 By Matt Kapko

Binary code displayed on a screen reflected in glasses. (Jakub Porzycki/NurPhoto via Getty Images)

Amazon pins Cisco, Citrix zero-day attacks to APT group

The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon.

Nov 12, 2025 By Matt Kapko

North Korea’s Lazarus group attacked three companies involved in drone development

The attacks, which involved fake job offers as a social engineering lure, were likely aimed at stealing proprietary information about drone manufacturing, ESET said in a report.

Oct 23, 2025 By Matt Kapko

The Chinese national flag flies outside the Ministry of Foreign Affairs in Beijing on July 26, 2023. (Photo by GREG BAKER/AFP via Getty Images)

Palo Alto Networks spots new China espionage group showcasing advanced skills

Phantom Taurus has stolen sensitive data from ministries of foreign affairs, embassies, diplomats and telecom networks in the Middle East, Africa and Asia, researchers said.

Sep 30, 2025 By Matt Kapko

The Cisco Systems logo is displayed at the Mobile World Congress (MWC) in Barcelona on February 25, 2019. (GABRIEL BOUYS / AFP)

CISA says it observed nearly year-old activity tied to Cisco zero-day attacks

The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity.

Sep 25, 2025 By Matt Kapko

fancy bear phishing email — (Getty Images)

Russian cyber group exploits seven-year-old network vulnerabilities for long-term espionage

The group, linked to FSB Center 16, has been scanning the internet for end-of-life software, which it has found in droves.

Aug 20, 2025 By Greg Otto

Microsoft logo is seen in a Microsoft store on March 10, 2021, in New York.(Photo by John Smith/VIEWpress)

Microsoft Patch Tuesday addresses 66 vulnerabilities, including an actively exploited zero-day

A researcher tells CyberScoop that up to 80% of enterprises could be vulnerable to the zero-day Microsoft patched in its June update.

Jun 10, 2025 By Matt Kapko