Digital Espionage & Intelligence
Coverage of cyber espionage, intelligence operations, surveillance technologies, information theft, counterintelligence trends, and geopolitical motivations driving covert digital campaigns between nation-states and advanced threat groups.
-
APT28 used BEARDSHELL and COVENANT to spy on Ukrainian military personnel
ESET says the Russian state-sponsored group APT28 has used two implants called BEARDSHELL and COVENANT since April 2024 to conduct long-term surveillance of Ukrainian military personnel.
·
·
1–2 minutes -
Iran-linked MuddyWater targets U.S. networks with new Dindoor backdoor
Broadcom’s Symantec and Carbon Black Threat Hunter Team say the Iran-linked MuddyWater group embedded itself inside several U.S. organizations, including banks, airports, a non-profit, and the Israeli arm of a…
·
·
1–2 minutes -
China-linked UAT-9244 used TernDoor, PeerTime, and BruteEntry in South American telecom attacks
Cisco Talos says China-linked threat actor UAT-9244 has targeted telecommunications providers in South America since 2024, using the TernDoor, PeerTime, and BruteEntry implants across Windows, Linux, and edge devices in…
·
·
1–2 minutes -
CyberStrikeAI: Chinese-Linked AI Attack Platform Compromises 600+ FortiGate Devices Across 55 Countries
An open-source AI-native offensive security tool called CyberStrikeAI, developed by a Chinese coder with ties to the Ministry of State Security, has been deployed by a Russian-speaking threat actor to…
·
·
12–18 minutes -
Cyber & Electronic Warfare · Cyber News & Updates · Digital Espionage & Intelligence · IranRevolution2026 · Operations & CampaignsIranian Revolution 2026: Complete Intelligence Briefing — Protests, War, Cyber Operations, and the Fall of Khamenei
Comprehensive intelligence briefing on the Iranian Revolution of 2026 — from the December 2025 protest eruption and regime massacres, through Operation Epic Fury and Operation Roaring Lion, the assassination of…
·
·
31–46 minutes -
Amnesty finds Predator spyware on Angolan journalist’s iPhone
Predator spyware: Amnesty’s Security Lab confirms a 2024 infection of an Angolan journalist’s iPhone, documenting data access and repeated re-infection attempts. The report links the incident to known exploitation chains…
·
·
2–4 minutes -
AI Weaponization: State Hackers Using Google Gemini for Espionage and Malware Generation
What Happened Google’s Threat Intelligence Group (GTIG) has confirmed that multiple state-sponsored hacking groups are actively using its Gemini large language model (LLM) to enhance their cyber espionage and attack…
·
·
4–6 minutes -
D-Knife Spyware: China-Linked APT Hijacks Routers for Cyber Espionage
Unveiling the D-Knife spyware campaign, a sophisticated China-linked APT operation hijacking internet routers for persistent surveillance and data exfiltration. Discover its techni
·
·
1–2 minutes -
China-Linked UNC3886 Cyber Espionage Targets Singapore Telecom
China-linked APT UNC3886’s sophisticated cyber espionage against Singapore’s telecom sector highlights evolving nation-state threats to critical infrastructure, demanding executive
·
·
2–3 minutes -
German Security Agencies Warn of State-Sponsored Phishing Attacks via Messenger Services
German security agencies issue a joint warning about state-sponsored phishing attacks targeting high-profile individuals via Signal and other messenger services, posing significant
·
·
2–3 minutes
