All CosmicBytez Labs articles tagged #Espionage, across news, security advisories, how-to guides, and projects.
Security researchers at Seqrite Labs have uncovered Operation Dragon Weave, a new China-aligned cyber espionage campaign targeting government, research, academic, and financial organizations in the Czech Republic and Taiwan using the AdaptixC2 post-exploitation framework.
Western intelligence officials warn that Moscow's espionage apparatus is deploying cyber spies, hackers, and recruited middlemen to steal dual-use...
Nimbus Manticore, an Iranian advanced persistent threat group, has continued operations targeting aviation and software companies during and after the US.
Russia's Turla APT has transformed its long-running Kazuar backdoor into a modular peer-to-peer botnet architecture engineered for stealth and deep...
Secret Blizzard, a Russian state-sponsored threat group, has evolved its long-running Kazuar backdoor into a sophisticated modular peer-to-peer botnet...
A Belarusian nation-state threat group dubbed FrostyNeighbor is conducting a precise espionage campaign against government organizations in Poland and...
The China-linked threat group FamousSparrow has expanded its targeting to an Azerbaijani oil and gas company, marking a shift beyond its traditional...
Palo Alto Networks has disclosed that CVE-2026-0300, a critical CVSS 9.3 buffer overflow in the PAN-OS User-ID Authentication service, is being actively...
A Microsoft Windows vulnerability originally patched in a prior Patch Tuesday was incompletely remediated, leaving a residual attack surface that...
A previously undocumented China-aligned APT group tracked as GopherWhisper has targeted Mongolian governmental institutions, deploying a wide array of...
A newly identified Chinese advanced persistent threat group dubbed GopherWhisper has been deploying multiple Go-based backdoors alongside custom loaders...
Ukraine's CERT-UA has confirmed a suspected APT28 espionage campaign targeting Ukrainian prosecutors and anti-corruption agencies, exploiting Roundcube...
Threat actors have been exploiting an unpatched zero-day in Adobe Reader since at least November 2025, using specially crafted PDFs to fingerprint victims...
Russia's APT28 (Forest Blizzard) is conducting a malwareless espionage campaign by modifying a single DNS setting in vulnerable SOHO routers to silently...
Hours after the FBI confirmed that Iranian hackers gained access to Director Kash Patel's personal email account, the U.S. State Department reissued a $10...
Three threat activity clusters aligned with China jointly targeted a Southeast Asian government organization in a complex, well-resourced espionage...
Iran-linked Handala hackers have breached the personal email account of FBI Director Kash Patel, publishing stolen photos and documents in a high-profile...
Google's Threat Intelligence Group dismantles UNC2814, a China-linked operation that deployed a novel backdoor called GRIDTIDE abusing Google Sheets API...
Technical documents leaked from a malware-infected developer device expose a Chinese military-linked training platform that replicates the critical...
Russia-linked APT28 targeted government, diplomatic, and defense-adjacent entities across Western and Central Europe from September 2025 to January 2026...
A maximum-severity CVSS 10.0 hardcoded credentials vulnerability in Dell RecoverPoint for VMs has been under active exploitation by China-nexus threat...
Russia-linked APT28 (Fancy Bear) weaponized Microsoft Office CVE-2026-21509 within days of disclosure, deploying espionage implants against Ukrainian...
Google reports that APT groups from China, Russia, Iran, and North Korea are all actively using Gemini AI for cyber operations including target...
Google Threat Intelligence Group attributes a previously undocumented JavaScript malware called CANFAIL to a Russian-linked threat actor targeting...
Apple releases emergency patches across all platforms for a memory corruption vulnerability in the Dynamic Link Editor (dyld) that was exploited in...
Peter Williams, former GM of L3Harris's cyber subsidiary Trenchant, admits to selling eight zero-day exploit kits to a Russian broker for $1.3M in...
Singapore discloses that APT group UNC3886 compromised all four major telecom providers using zero-day exploits and rootkits, triggering the nation's...
Singapore discloses that APT group UNC3886 conducted a targeted espionage campaign against M1, SIMBA, Singtel, and StarHub using a previously unknown...
This week: state-backed espionage campaigns across 155 countries, China-linked router hijacking, ransomware surge, new security tools, and site updates.
Google has released an emergency Chrome update to fix a zero-day vulnerability being actively exploited in targeted attacks against journalists and activists.
The US Treasury Department has confirmed a significant cybersecurity incident, attributing the breach to state-sponsored threat actors who accessed...