Cyber espionage stories

China-linked TA416 returns to spying on European diplomats and later expands attacks to Middle Eastern government targets after Iran conflict.

Rapid7 says China-linked Red Menshen has planted dormant “sleeper cells” inside global telecoms networks to quietly maintain long-term access.

AI-fuelled cyber attacks are spreading faster worldwide, CrowdStrike warns, as breakout times plummet and criminals weaponise mainstream tools.

Iranian state-aligned hackers are shifting from spying to destructive cyber strikes, putting Western critical infrastructure on high alert.

Attackers push fake Red Alert Android app via SMS, turning Israel rocket warning tool into spyware that steals messages, contacts and location.

Cloud identity compromise now drives over 80% of cyber incidents, as attackers increasingly abuse trusted accounts and workplace tools.

New research links Iran conflict to a swift surge in tightly targeted cyber espionage across Middle Eastern governments and embassies.

Wireless flaws have surged 230-fold since 2010, as Bastille warns AI data centres and critical infrastructure face escalating unseen risks.

Google warns attackers are shifting from browsers to corporate systems, as tracked zero-day exploits climb and enterprise edge devices surge.

Cloudflare warns AI-driven identity fraud and SaaS abuse are reshaping cybercrime, as global costs hit USD $10.5 trillion a year.

Google says it has crippled a China-linked cyber espionage group accused of hacking telecoms and governments in at least 42 countries.

AI-fuelled ransomware, rapid cloud intrusions and identity abuse are transforming cyber risk, slashing response times for defenders.

Cyber attacks on industrial systems in 2025 shifted from quiet spying to coordinated operations aiming to disrupt critical infrastructure.

Cyber operations have become constant, covert pressure in geopolitics, with AI-fuelled identity abuse replacing headline-grabbing cyberattacks.

Google flags surging attempts to steal AI models as state-backed hackers weaponise Gemini for phishing, intel gathering and malware support.

Indian defence faces a decade-long silent siege as APT36 refines cross-platform cyber espionage with stealthy, persistent RAT campaigns.

CrowdStrike has split North Korea-linked LABYRINTH CHOLLIMA into three units, two for crypto theft and one for industrial espionage.

Google has dismantled IPIDEA's vast residential proxy network, which hijacked millions of consumer devices for global cyber operations.

Politically themed LOTUSLITE phishing campaign hits US policy bodies, using DLL sideloading and espionage-focused backdoor tactics.

NCC Group links Silver Fox's false-flag malware campaigns to ValleyRAT and uncovers critical PowerG flaws that can fully compromise alarms.