#espionage
11 articles
This archive collects 12 articles tagged espionage published between April 12, 2026 and May 16, 2026, giving security teams a focused view of how this topic has appeared across ZCyberNews coverage. Observed actor references include APT28 (Fancy Bear), APT37, and Deep#Door, presented only where the underlying article metadata supports the attribution. The affected-scope signals emphasize government, defense, and healthcare across Europe, South Korea, and Southeast Asia, helping readers compare exposure patterns without adding claims beyond the archive data. Severity coverage includes 2 critical and 10 high reports.
HIGH: Secret Blizzard Upgrades Kazuar Backdoor Into P2P Botnet
Secret Blizzard evolved Kazuar into a modular P2P botnet with 150 config options, AMSI/ETW bypass, and silent-mode nodes. Microsoft details the three-module architecture.
HIGH: APT37 Targets Ethnic Koreans in China With Android BirdCall Malware
ESET says APT37 compromised Sqgame card game platform to deliver BirdCall backdoor to Android devices, stealing SMS, call logs, and private keys from ethnic Koreans in Yanbian.
HIGH: Deep#Door Python Backdoor Targets Windows Systems for Espionage
Deep#Door Python backdoor deploys persistent Windows implant for espionage — uses encrypted C2 channels, file exfiltration, and remote shell. No patch available.
HIGH: China-Linked SHADOW-EARTH-053 Hits Asian Govts, NATO State
Trend Micro tracks SHADOW-EARTH-053 targeting government and defense sectors across Asia and one NATO-aligned European state. Campaign uses custom backdoors and spear-phishing.
HIGH: Silver Dragon APT Targets Southeast Asia, Europe in Espionage Campaign
Check Point Research tracks Silver Dragon, a Chinese-aligned APT group operationally linked to APT41, targeting government and telecom entities in Southeast Asia and Europe with…
HIGH: UK Cyber Agency Handles Four Major Incidents Weekly
The UK's NCSC reports handling four nationally significant cyber incidents per week, with most now attributed to hostile foreign states like China and Russia, up from two per week…
HIGH: Mustang Panda Deploys New LOTUSLITE Variant Targeting Indian Banks
Mustang Panda's new LOTUSLITE variant targets Indian banks and South Korean policy circles via a dynamic DNS C2 over HTTPS, enabling remote shell access and file theft.
HIGH: AgingFly Malware Targets Ukrainian Government and Hospitals
A new malware family dubbed 'AgingFly' is stealing authentication data from Chromium browsers and WhatsApp in targeted attacks against Ukrainian local government bodies and hospitals.
CRITICAL: Critical PDF Zero-Day Exploited for Months, Infrastructure Espionage Revealed
A critical zero-day vulnerability in widely used PDF software has been actively exploited for months. Concurrently, state-sponsored actors have been targeting fiber optic infrastructure for espionage.
HIGH: Fancy Bear APT Exploits Unpatched Flaws in Global Espionage Campaign
Russia's APT28 (Fancy Bear) is conducting a global cyber espionage campaign, exploiting unpatched vulnerabilities in routers and network devices to infiltrate government and defense targets.
HIGH: Stryker Hit by Cyberattack, Windows Zero-Day Exploited, China Supercomputer Hacked
Medical device giant Stryker confirms a cyberattack, while a patched Windows zero-day is actively exploited and a Chinese supercomputer cluster is breached.