Cyber espionage stories

Google flags surging attempts to steal AI models as state-backed hackers weaponise Gemini for phishing, intel gathering and malware support.

Indian defence faces a decade-long silent siege as APT36 refines cross-platform cyber espionage with stealthy, persistent RAT campaigns.

CrowdStrike has split North Korea-linked LABYRINTH CHOLLIMA into three units, two for crypto theft and one for industrial espionage.

Google has dismantled IPIDEA’s vast residential proxy network, which hijacked millions of consumer devices for global cyber operations.

Politically themed LOTUSLITE phishing campaign hits US policy bodies, using DLL sideloading and espionage-focused backdoor tactics.

NCC Group links Silver Fox’s false-flag malware campaigns to ValleyRAT and uncovers critical PowerG flaws that can fully compromise alarms.

Proofpoint flags a sharp rise in Microsoft 365 account takeovers via device code phishing, hitting firms from finance to government.

AI-fuelled hacks and state cyber spies are tipped to dominate 2026, targeting drones, defence firms and vulnerable smaller businesses.

Chinese state-backed hackers mimic Microsoft Teams downloads in a false flag campaign to infect Chinese speakers and blame Russian actors.

Australia’s critical infrastructure faces rising state-backed cyber threats, forcing a shift to integrated, cloud-first security architectures.

CISOs are warned 2026 will bring harsher board scrutiny, AI-fuelled attacks, bigger budgets - and far less tolerance for cyber failure.

AI-native cyber attacks and synthetic IDs are forcing firms to shift from periodic checks to continuous, AI-driven security testing by 2026.

CrowdStrike’s Falcon platform scores 100% detection and protection with zero false positives in MITRE ATT&CK’s toughest cloud-era tests.

CrowdStrike’s Falcon platform scores 100% detection and protection with no false positives in MITRE’s toughest cross-domain ATT&CK tests yet.

Cyber chiefs predict 2026 cyber budgets will pivot from prevention and box-ticking to rapid response, recovery and demonstrable resilience.

SandboxAQ launches AQtive Guard AI-SPM to help firms track hidden AI use and tackle security risks from unmonitored 'shadow AI' deployments.

Qilin ransomware group has targeted 25 South Korean finance firms using managed service providers, exposing 2TB of data in a politically charged cyberattack surge.

Quantum cyber threats force organisations to urgently adopt post-quantum cryptography and strengthen critical infrastructure defences by 2026.

The US, UK and Australia have sanctioned Russian web-host Media Land and its leaders for aiding ransomware attacks via bulletproof hosting services.

New Zealand’s cybersecurity firm DEFEND clinched Microsoft’s Global Security Partner of the Year amid rising state-backed cyber attacks targeting local businesses daily.