Skip to main content
← All Articles

Tag

#Espionage

28 articles

Advertisement

China-Linked APT Targets Southeast Asia Critical Systems with New Backdoor
CRITICAL
Threat Intel

China-Linked APT Targets Southeast Asia Critical Systems with New Backdoor

A China-linked APT group has compromised ten organizations, including state-owned entities in Southeast Asia, deploying a new backdoor. Defenders must prioritize C2

Runtime Rebel Intel
4 min read·Jul 1, 2026
Mustang Panda Exploits Zoho WorkDrive for C2 in Indian Govt Attacks
CRITICAL
Threat Intel

Mustang Panda Exploits Zoho WorkDrive for C2 in Indian Govt Attacks

Mustang Panda, a China-aligned APT, targets Indian government and hydropower entities, leveraging Zoho WorkDrive as a C2 channel and deploying new malware.

Runtime Rebel Intel
4 min read·Jun 29, 2026
TH
CRITICAL
Threat Intel

Turla APT Deploys StockStay Backdoor in Ukraine Espionage Campaign

Russian APT Turla targets Ukrainian government and military entities with the custom StockStay backdoor for persistent access and cyber espionage.

Runtime Rebel Intel
3 min read·Jun 26, 2026
Turla Deploys New STOCKSTAY Backdoor in Ukraine Espionage Operations
CRITICAL
Threat Intel

Turla Deploys New STOCKSTAY Backdoor in Ukraine Espionage Operations

Google identifies STOCKSTAY, a new .NET backdoor by Russian actor Turla targeting Ukrainian military and Italian foreign policy interests via Windows systems.

Runtime Rebel Intel
3 min read·Jun 26, 2026
TH
CRITICAL
Threat Intel

UNC6508 Targets REDCap Servers: Espionage via INFINITERED Malware

PRC-nexus threat actor UNC6508 exploits REDCap servers in North America's medical and military research sectors, deploying INFINITERED malware for long-term espionage

Runtime Rebel Intel
6 min read·Jun 15, 2026
China-Nexus Actor: Year-Long Espionage Against US Researchers
CRITICAL
Threat Intel

China-Nexus Actor: Year-Long Espionage Against US Researchers

A China-nexus actor spied on US researchers for a year, stealing RedCAP credentials and exfiltrating sensitive data from numerous institutions, discovered by Google.

Runtime Rebel Intel
4 min read·Jun 15, 2026
TH
HIGH
Threat Intel

China-Linked Espionage Targets REDCap Servers, Stealing Medical Data

China-linked threat actors breached exposed REDCap servers, deploying InfiniteRed malware to steal sensitive medical research from a North American institution.

Runtime Rebel Intel
5 min read·Jun 15, 2026
TH
HIGH
Threat Intel

China's Strategic Threat: Analyzing the 2026 Tech Landscape

Analysis of China-linked cyber espionage trends and the strategic targeting of global technology sectors driven by the 15th Five-Year Plan.

Runtime Rebel Intel
3 min read·Jun 11, 2026
TH
CRITICAL
Threat Intel

Chinese APT UNC5221 Deploys New Malware for M365 Persistence

Chinese APT UNC5221 leverages new malware, Plenet and AgentPSD, alongside Brickstorm backdoor to maintain persistent access in compromised Microsoft 365 environments for

Runtime Rebel Intel
5 min read·Jun 5, 2026
OP-512: Analyzing the Custom Web Shell Framework Targeting Microsoft IIS
HIGH
Threat Intel

OP-512: Analyzing the Custom Web Shell Framework Targeting Microsoft IIS

Security researchers have identified OP-512, a China-nexus threat cluster targeting Microsoft IIS servers with a bespoke web shell framework for espionage.

Runtime Rebel Intel
4 min read·Jun 5, 2026
Handala Brand Evolution: Iran MOIS Shifts to Hybrid Physical Attacks
HIGH
Threat Intel

Handala Brand Evolution: Iran MOIS Shifts to Hybrid Physical Attacks

Iran’s MOIS expands the Handala brand into hybrid operations, combining cyber espionage with physical sabotage targeting U.S. and Israeli interests.

Runtime Rebel Intel
3 min read·Jun 2, 2026
FrostyNeighbor APT Targets Poland/Ukraine Gov with Spear-Phishing
CRITICAL
Threat Intel

FrostyNeighbor APT Targets Poland/Ukraine Gov with Spear-Phishing

Belarussian APT 'FrostyNeighbor' is deploying spear-phishing campaigns against Polish and Ukrainian government entities after unique victim fingerprinting, aiming for

Runtime Rebel Intel
4 min read·May 14, 2026