FBI Disrupts Russian DNS Hijack Network Targeting Microsoft 365 Federal authorities have dismantled a Russian GRU DNS hijacking network that compromised 18,000 routers across 120 countries to steal Microsoft 365 credentials.

winbuzzer.com/2026/04/10/f...

FBI Disrupts Russian DNS Hijack Network Targeting Microsoft 365

#Microsoft #Microsoft365 #Russia #Routers #Cybersecurity #CyberThreats #Malware #Cyberespionage #Hackers #MicrosoftSecurity #ThreatActors #Hacking #SecurityThreats #Authentication #Cyberattacks

The Finnish Security and Intelligence Service and the National Cyber Security Centre Finland at Traficom warn people in #Finland about #Russia’s practice of exploiting poorly secured home routers and other network devices for cyber espionage.⤵️
#CyberEspionage

Original post on cyberscoop.com

Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’ FBI cyber chief Brett Leatherman told CyberScoop the Russian GRU campaign was unique in how it could propagate from...

#Government #Technology #Threats #APT28 #Brett #Leatherman #cyber […]

[Original post on cyberscoop.com]

Hackers Hired to Target Android, iCloud of Egyptian, Lebanese Journalists and Activists A hack-for-hire group uses an iCloud phishing campaign and Android spyware to target two prominent Egyptian journalists and government critics.

Full Article: www.technadu.com/hackers-hire...

💬 Do you think hack-for-hire groups are the biggest emerging cyber threat? Share your thoughts below.
#Cybersecurity #CyberEspionage #Spyware #Phishing #Infosec #DigitalPrivacy

Original post on techcrunch.com

Hack-for-hire group caught targeting Android devices and iCloud backups Security researchers exposed a spying campaign by a hack-for-hire group that used Android spyware and phishing to steal iClou...

#Security #AccessNow #Android #cyberespionage #hackers […]

[Original post on techcrunch.com]

Original post on techcrunch.com

Hack-for-hire group caught targeting Android devices and iCloud backups Security researchers exposed a spying campaign by a hack-for-hire group that used Android spyware and phishing to steal iClou...

#Security #AccessNow #Android #cyberespionage #hackers […]

[Original post on techcrunch.com]

Russian hackers hijack internet traffic using vulnerable routers - Help Net Security Russian hackers used router hijacking to redirect internet traffic through malicious DNS servers, enabling credential theft.

Russian hackers hijack internet traffic using vulnerable routers

🔗 Read more: www.helpnetsecurity.com/2026/04/07/r...

#cyberespionage #cybersecurity #cybersecuritynews

Original post on microsoft.com

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure ho...

#Adversary-in-the-middle #(AiTM) #Cyberespionage #Forest […]

[Original post on microsoft.com]

TrueConf zero-day vulnerability exploited to target government networks - Help Net Security A zero-day vulnerability in the TrueConf client application was exploited to deliver malware through a compromised update process.

TrueConf zero-day vulnerability exploited to target government networks

🔗 Read more: www.helpnetsecurity.com/2026/04/02/t...

#cyberespionage #government #cybersecurity

China Upgrades the Backdoor It Uses to Spy on Telcos Globally Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.

China-linked actors are upgrading backdoors to spy on telecom networks - persistence and stealth are reaching new levels. Critical infrastructure remains a prime target. 🕵️‍♂️📡 #CyberEspionage #TelcoSecurity

China-Linked A China-linked APT group, Red Menshen, is targeting telecommunications providers in the Middle East and Asia with a stealthy Linux backdoor called BPFDoor for long-term espionage.

🇨🇳 China-linked APT 'Red Menshen' is planting stealthy BPFDoor backdoors in global telecom networks. The malware creates 'digital sleeper cells' for long-term espionage. 📡 #APT #BPFDoor #CyberEspionage

Mission to smuggle $170 million worth of AI tech to China collapsed for three men - Help Net Security Three individuals have been charged in an alleged smuggling scheme involving export-controlled AI chips routed to China through Thailand.

Mission to smuggle $170 million worth of AI tech to China collapsed for three men

🔗 Read more: www.helpnetsecurity.com/2026/03/26/a...

#AI #cyberespionage #cybersecurity

DarkSword iOS Exploit Leaks on GitHub, Threatens Millions A government-grade iOS exploit kit called DarkSword has been leaked on GitHub, putting hundreds of millions of iPhones running iOS 18 or earlier at risk.

winbuzzer.com/2026/03/25/d...

DarkSword iOS Exploit Leaks on GitHub, Threatens Millions

#iOS #Apple #Cybersecurity #ZeroDay #Exploits #iPhone #Surveillance #Malware #Spyware #Hackers #Cybercrime #ThreatIntelligence #iOS18 #iPad #iPadOS #Hacking #Russia #Cyberespionage #Darksword #Iverify

Russian hackers go after high-value targets through Signal - Help Net Security Russian intelligence-linked hackers are targeting commercial messaging platforms, with Signal a primary focus, the FBI and CISA warn.

Russian hackers go after high-value targets through Signal

🔗 Read more: www.helpnetsecurity.com/2026/03/23/r...

#cyberespionage #phishing #cybersecurity

Justice Dept Seizes Iran Hacker Domains
Read More: buff.ly/O1LPc6w

#DOJ #DomainSeizure #IranCyber #CyberEspionage #ThreatActors #HarassmentCampaign #MedicalDeviceSecurity #InfosecNews

The espionage reality: Your infrastructure is already in the collection path Shared services, shared identity layers, shared connectivity providers — criminal and state affiliated actors move through the dependencies modern enterprises rely on. That overlap is a defining featu...

FYI - It is not trivial to understand these dependencies and assess vulnerabilities, especially when Shared Responsibility Models and Operations are in place ...
www.csoonline.com/article/4143... #CISO #CyberEspionage #cybersecurity #SharedServices #cloud

Russian Cyber Campaign Targets Signal and WhatsApp Users Through Social Engineering Tactics   Hackers believed to be linked to Russia are attempting to gain access to Signal and WhatsApp accounts of government officials, journalists, and military personnel worldwide—not by breaking encryption, but by manipulating users into giving up their access credentials. This warning was issued on Monday by the Netherlands’ intelligence and military agencies, AIVD and MIVD, which reported a "large-scale" cyber operation focused on compromising accounts on these messaging platforms. Instead of attacking the apps’ end-to-end encryption, the campaign aims to take control of user accounts and discreetly monitor their communications. According to the agencies, attackers directly contact targets through chats and convince them to share verification codes or PINs, effectively handing over account access. In certain instances, the hackers impersonate a Signal support bot to make their requests appear authentic. Once the code is provided, they can log in and view private messages or track group conversations without bypassing encryption. Another technique involves exploiting Signal’s “linked devices” feature, which allows multiple devices to connect to one account. If attackers successfully link their own device, they can observe messages in real time. Dutch authorities confirmed that this campaign has already impacted individuals, including those within the Dutch government. "The Russian hackers have likely gained access to sensitive information," the AIVD and MIVD said, adding that "targets and victims of the campaign include Dutch government employees" as well as journalists. Ironically, the strong encryption that makes these platforms popular among officials and reporters also increases their value as targets once an account is compromised. While end-to-end encryption secures messages during transmission, it offers no protection if an attacker gains direct access to the account. A Meta spokesperson told The Register that users should never share their six-digit code with others and that it provides detailed advice on how WhatsApp users can protect themselves from scams. Signal did not immediately respond to The Register’s inquiries. Meanwhile, Dutch authorities have issued a cybersecurity advisory and are helping affected users secure their accounts. They also highlighted warning signs of a potential breach, such as duplicate contacts appearing or numbers being marked as “deleted account” unexpectedly. The broader takeaway from intelligence officials is that while encrypted messaging apps are convenient, they are not designed for highly sensitive communication. As MIVD director Vice-Admiral Peter Reesink put it: "Despite their end-to-end encryption option, messaging apps such as Signal and WhatsApp should not be used as channels for classified, confidential or sensitive information." In essence, relying solely on the assumption that no one will request a verification code may not be sufficient for maintaining operational security.

Russian Cyber Campaign Targets Signal and WhatsApp Users Through Social Engineering Tactics #AIVDMIVDwarning #cyberespionage #DataBreach

DarkSword: Researchers uncover another iOS exploit kit - Help Net Security DarkSword is an iOS exploit toolkit used since late 2025 to hack iPhones via zero-day flaws and steal sensitive data and cryptocurrency.

DarkSword: Researchers uncover another iOS exploit kit

📖 Read more: www.helpnetsecurity.com/2026/03/19/d...

#cybersecurity #cybersecuritynews #cyberespionage #datatheft #iOS #iPhone

Hackers Claim China Supercomputing Breach
Read More: buff.ly/JmvkRST

#ChinaCyber #Supercomputing #DataExfiltration #Monero #CyberEspionage #ThreatActors #HackerForums #InfosecNews

Elite members of North Korean society fake their way into Western paychecks - Help Net Security North Korean IT workers carry out corporate infiltration through remote jobs, using fake identities, collaborators, and job cycling.

Elite members of North Korean society fake their way into Western paychecks

📖 Read more: www.helpnetsecurity.com/2026/03/19/n...

#cybersecurity #cybersecuritynews #cyberespionage #remoteworking

Partial Leak of Knownsec Corporate Documents Resurfaces With Espionage Tradecraft, Offensive Cyber Tools, and Global Targeting Evidence A threat actor known as Blastoize has posted a partial download of corporate documents from Knownsec, republishing material from a November 2025 breach that exposed over 12,000 classified files revealing offensive cyber tools, hardware attack vectors, global target lists, and government collaboration. The cache includes RAT source code for multiple platforms,...

Blastoize resurfaced a partial leak of Knownsec corporate docs from 2025, revealing RAT source code, offensive cyber tools, hardware attack specs, and global targeting involving India, South Korea, and Taiwan. #India #CyberEspionage #OffensiveOps

Inside the Silent Breach: How CIA Spies Steal Data Without Going Online A blog about the 17 spy agencies comprising the US Intelligence Community

Think an offline computer is safe? Think again.
CIA tools like “Brutal Kangaroo” prove hackers don’t need the internet—just access.
Even air-gapped systems have a weak point. #CyberEspionage #CyberSecurity #SpyTech #cia #espionage #hackers osintdaily.blogspot.com/2026/03/insi...

Ex-CIA Programmer Found Guilty of Stealing Vault 7 Data, Giving It to Wikileaks Joshua Schulte has been convicted for his role in the Vault 7 Wikileaks data dump that exposed invasive US cyber intelligence tactics.

Vault 7 was a wake-up call of how powerful cyber tools built for spying overseas exist inside government arsenals. Once that kind of code leaks, it can spread, get copied by the bad guys, and reshape the cyber battlefield. #CyberSecurity #CIA #CyberEspionage
www.darkreading.com/threat-intel...

🚨China–Costa Rica tensions rise after Costa Rica linked an ICE cyberattack to suspected PRC-linked group UNC2814. Beijing denies involvement and demands technical evidence, turning the incident from a cyber investigation into a diplomatic dispute.
#CyberSecurity #CyberEspionage #China #CostaRica

China Demands Proof After Costa Rica Blames UNC2814 for ICE Cyberattack Tensions between China and Costa Rica have risen after Costa Rican authorities attributed a cyberespionage breach of the Costa Rican Electricity Institute’s administrative email systems to UNC2814, a group that cybersecurity firms including Mandiant and Google have tracked. China has publicly requested technical evidence, proposed using UN cybercrime mechanisms and a...

China demands proof after Costa Rica blames UNC2814 for a cyberattack on the Costa Rican Electricity Institute that exposed 9GB of emails. China proposes UN mechanisms and a bilateral commission to investigate. #CostaRica #UNC2814 #CyberEspionage

Chinese state-sponsored hackers target Southeast Asian militaries with advanced malware like AppleChris and MemFun. #CyberEspionage #MilitarySecurity #APT #CyberThreats Link: thedailytechfeed.com/chinese-cybe...

Finland’s National Security Overview 2026 flags Russian and Chinese cyber espionage targeting government, critical infrastructure - Industrial Cyber Finland’s National Security Overview 2026 flags Russian and Chinese cyber espionage targeting government, critical infrastructure

Finland intelligence says Russia leans more on cyber spying as its traditional spy networks weaken. Breaking into government and policy systems without putting agents on the ground. Cyber espionage is now Moscow’s go to tool. #Russia #CyberEspionage #CyberSecurity
industrialcyber.co/reports/finl...

Iran war: What role is cyber warfare played in Iran? Militaries are often cagey about their cyber activities. But the US has hinted at the role it has played.

What role has cyber warfare played in #Iran?
www.bbc.co.uk/news/article...

#CyberEspionage & hacking play a large role in so-called "pre-positioning" for war.
#CyberWar #CyberSecurity #CyberAttack #IranWar

Cybercrime isn't just a cover for Iran's government goons : Ransomware, malware-as-a-service, infostealers benefit MOIS, too

Iran’s MOIS-linked cybercrime operations highlight how state actors blur lines between espionage, crime, and disruption. In cyberspace, attribution and intent rarely come clean. 🕵️‍♂️⚠️ #NationState #CyberEspionage

Salt Typhoon Hits Global Telecom Giants
Read More: buff.ly/PM49OLO

#SaltTyphoon #ChinaCyber #TelecomSecurity #CyberEspionage #CriticalInfrastructure #PhoneRecords #NationStateThreat #GlobalCyber