ESET has published a report on nation-state-aligned cyber activity between October 2025 and March 2026, identifying sustained operations by China-aligned groups against targets in Venezuela, Syria, South Korea and the Gulf. Chinese threat actors remained active across maritime, energy, government and advanced technology targets during the period. ESET linked that activity to areas where Beijing…
The U.K. National Cyber Security Centre (NCSC) issued fresh guidance calling on local government and critical infrastructure operators to harden denial-of-service (DoS) defences following a rise in pro-Russia hacktivist activity targeting organisations. The hackers attempt to disrupt operations, take websites offline, and disable services. “In particular, the group NoName057(16) has been active since March 2022,…
Jan 16, 2026Ravie LakshmananZero-Day / Cyber Espionage A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the activity under the name UAT-8837, assessed it to be a China-nexus advanced persistent threat (APT) actor with medium confidence based…
Dec 18, 2025Ravie LakshmananMalware / Cloud Security A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan. The end goal of these attacks is cyber espionage, Slovak cybersecurity company ESET said in a report published today. The threat activity cluster…
Jamming space satellites and shutting down the production of Land Rovers – inside Putin’s hybrid war on the UK The UK is facing a new era that’s “forcing the biggest shift” in the intelligence agency’s mission since 9/11, the head of MI5 said in October. “In the last year, we and the police have disrupted…
Dec 05, 2025Ravie LakshmananVulnerability / Software Security Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) within hours of it becoming public knowledge. The vulnerability in question is CVE-2025-55182 (CVSS score: 10.0), aka React2Shell, which allows unauthenticated remote code execution. It has been…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People’s Republic of China (PRC) to maintain long-term persistence on compromised systems. “BRICKSTORM is a sophisticated backdoor for VMware vSphere and Windows environments,” the agency said….
Cyber data breaches in local government across the UK have rocketed by a staggering 388% in the past three years – as criminal gangs and rogue states look to plunder vital information. New figures show that UK Metropolitan Councils have racked up more than 12,700 data breaches in the time period and have paid out…