state-sponsored Archives • Daily CyberSecurity

NCSC’s High-Stakes Warning on State-Sponsored Hijacking of Your Messaging Apps Cyber Operations Messaging App Security State-Sponsored Hijacking

Cyber Operations Messaging App Security State-Sponsored Hijacking

NCSC’s High-Stakes Warning on State-Sponsored Hijacking of Your Messaging Apps

Do Son April 1, 2026

In an era where digital connectivity is the lifeblood of professional and personal life, the National Cyber...

Notepad++ Hijacked: State-Sponsored Actors Poisoned Updates for Months FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

Notepad++ Hijacked: State-Sponsored Actors Poisoned Updates for Months

Do Son February 2, 2026

The developer behind Notepad++, the ubiquitous open-source text editor found on millions of developer desktops, has confirmed...

The Sleeper in Your Browser: How DarkSpectre Turned 8.8 Million Extensions into State-Aligned Spies DarkSpectre, Browser Extension Espionage

The Sleeper in Your Browser: How DarkSpectre Turned 8.8 Million Extensions into State-Aligned Spies

Do Son January 5, 2026

In a revelation that exposes a gaping hole in the browser extension ecosystem, Koi Security has unmasked...

“React2Shell” Crisis: Critical Vulnerability Triggers Global Cyberattacks by State-Sponsored Groups React2Shell RCE, Flight Protocol Deserialization

React2Shell RCE, Flight Protocol Deserialization

“React2Shell” Crisis: Critical Vulnerability Triggers Global Cyberattacks by State-Sponsored Groups

Do Son December 11, 2025

A critical security flaw in the popular React web framework has ignited a wave of cyberattacks, with...

Spy vs. Spy: Mercenary Spyware Targets the Developers Who Build It Mercenary spyware, developer target Serbian Spyware

Spy vs. Spy: Mercenary Spyware Targets the Developers Who Build It

Do Son October 22, 2025

Developer Jay Gibson recently contacted TechCrunch to recount his experience of being targeted by a state-sponsored spyware...

RedNovember: Chinese APT Expands Global Espionage to U.S. Defense, Aerospace, and Tech Firms axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

RedNovember: Chinese APT Expands Global Espionage to U.S. Defense, Aerospace, and Tech Firms

Do Son September 29, 2025

A new report from Recorded Future’s Insikt Group reveals that the Chinese state-sponsored threat group RedNovember has...

MuddyWater APT Shifts Tactics to Custom Malware MuddyWater APT ANY.RUN security incident

MuddyWater APT Shifts Tactics to Custom Malware

Do Son September 19, 2025

Group-IB analysts have released new intelligence on MuddyWater, the Iranian state-sponsored APT linked to Tehran’s Ministry of...

Russian APT UNC6293 Exploits Google Application-Specific Passwords to Hack Critics

Do Son June 20, 2025

In a new report released in cooperation with external partners, Google Threat Intelligence Group (GTIG) has attributed...

Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign Silver Fox APT, Cyber Espionage

Silver Fox APT: Chinese Threat Actor Deploys Trojanized Medical Software in Stealth Espionage Campaign

Do Son June 20, 2025

A newly surfaced report from Picus has shed light on Silver Fox (a.k.a. Void Arachne or The...

APT41 Uses Google Calendar as Covert C2 in Stealthy Cyberespionage Campaign

Do Son May 30, 2025

In an example of cloud service abuse, Google Threat Intelligence Group (GTIG) has uncovered a new APT41...

Critical Alert 1 Active Exploit Detected Today