Skip to main content
← All Articles

Tag

#Cyber Espionage

13 articles

Advertisement

TH
CRITICAL
Threat Intel

Turla's STOCKSTAY Backdoor: Analysis of Campaigns & WinRAR Exploit

Google Threat Intelligence details STOCKSTAY, Turla's .NET backdoor for espionage targeting Ukraine and Europe, leveraging RDP & CVE-2025-8088.

Runtime Rebel Intel
13 min read·Jun 26, 2026
TH
HIGH
Threat Intel

Iranian Handala Group Claims Cal Water Hack, Exposing PII

Iranian cyber group Handala claims responsibility for breaching Cal Water, exposing 5GB of customer PII and RTKBase platform credentials. Analysis and mitigation

Runtime Rebel Intel
4 min read·Jun 12, 2026
OceanLotus Targets Vietnam with SPECTRALVIPER Backdoor in FireAnt Attack
CRITICAL
Threat Intel

OceanLotus Targets Vietnam with SPECTRALVIPER Backdoor in FireAnt Attack

OceanLotus APT targets Vietnamese infrastructure and stock investors with SPECTRALVIPER backdoor in multi-year cyber espionage and supply chain campaigns.

Runtime Rebel Intel
4 min read·Jun 11, 2026
TH
CRITICAL
Threat Intel

Iranian APT33 Targets Aviation with Updated MimicC2 and PowerLess

Iranian APT Nimbus Manticore (APT33) targets aviation and software firms using new MimicC2 framework and updated PowerLess tools for stealthy operations.

Runtime Rebel Intel
5 min read·May 26, 2026
China-Linked UAT-8302 Targets Governments with Custom APT Malware
HIGH
Threat Intel

China-Linked UAT-8302 Targets Governments with Custom APT Malware

UAT-8302, a China-linked threat group, targets government entities in South America and SE Europe using custom malware and shared APT toolsets.

Runtime Rebel Intel
3 min read·May 5, 2026
Chinese State-Backed Actors Industrialize Botnets for Covert Ops
CRITICAL
Threat Intel

Chinese State-Backed Actors Industrialize Botnets for Covert Ops

Chinese state-backed groups are adopting industrialized botnets, utilizing compromised devices for low-cost, low-risk, and deniable cyber operations.

Runtime Rebel Intel
4 min read·Apr 24, 2026
APT28 Forest Blizzard DNS Manipulation Targets SOHO Routers
CRITICAL
Threat Intel

APT28 Forest Blizzard DNS Manipulation Targets SOHO Routers

Russian APT28, or Forest Blizzard, is conducting malwareless cyber espionage by manipulating DNS settings on vulnerable SOHO routers to steal credentials from global

Runtime Rebel Intel
5 min read·Apr 9, 2026
APT28 Exploits MikroTik & TP-Link Routers in DNS Hijacking
CRITICAL
Threat Intel

APT28 Exploits MikroTik & TP-Link Routers in DNS Hijacking

Russian state-linked APT28 (Forest Blizzard) is compromising insecure SOHO routers globally, employing DNS hijacking for cyber espionage since May 2025.

Runtime Rebel Intel
4 min read·Apr 7, 2026
TH
HIGH
Threat Intel

Pro-Iranian Group Claims Hack of FBI Director's Personal Account

A pro-Iranian hacking group claims to have compromised the personal account of FBI Director Kash Patel, exfiltrating emails and documents.

Runtime Rebel Intel
4 min read·Mar 27, 2026
TH
CRITICAL
Threat Intel

Nation-State Cyber Operation: Israel's Compromise of Iranian Traffic Cameras

Analysis of the reported Israeli cyber operation targeting Iranian traffic cameras, detailing implications for critical infrastructure security and cyber-physical

Runtime Rebel Intel
4 min read·Mar 5, 2026
Chinese Police Use ChatGPT in Influence Operations Against Japan
HIGH
Threat Intel

Chinese Police Use ChatGPT in Influence Operations Against Japan

Chinese police reportedly used ChatGPT for politically motivated influence operations to smear Japan's PM Takaichi, highlighting AI's role in disinformation campaigns.

Runtime Rebel Intel
4 min read·Feb 26, 2026
TH
CRITICAL
Threat Intel

GRIDTIDE Espionage: PRC-Nexus UNC2814 Targets Telecoms Globally

Google disrupts GRIDTIDE, a novel backdoor used by PRC-nexus UNC2814 for global cyber espionage against telecommunications and government entities.

Runtime Rebel Intel
5 min read·Feb 25, 2026