espionage
Safeguard articles tagged "espionage" — guides, analysis, and best practices for software supply chain and application security.
6 articles
Screening Serpens (UNC1549): Iran-Nexus Espionage and the MiniUpdate RAT (May 2026)
Unit 42's May 22, 2026 report tracks the Iran-nexus group Screening Serpens deploying new MiniUpdate and MiniJunk V2 RATs against US, Israeli, and Gulf targets using job-themed lures and DLL sideloading.
Shadow-Earth-053: China-Aligned Espionage Across Asia and a NATO State (May 2026)
Trend Micro's May 1, 2026 disclosure of Shadow-Earth-053 documents a China-aligned campaign exploiting N-day Exchange and IIS flaws to plant Godzilla web shells and ShadowPad across government, defense, and civil-society targets in eight-plus countries.
PyPI's aliyun-ai-labs Campaign: Three Packages, One Targeted Region
Three PyPI packages impersonating Alibaba's AI Labs SDK exfiltrated .gitconfig data from developer machines in a regionally targeted 2025 espionage campaign.
Chrome Zero-Day CVE-2025-2783: Sandbox Escape Used in Espionage Campaign
Kaspersky discovered a Chrome zero-day being exploited in a targeted espionage campaign dubbed Operation ForumTroll. The flaw broke Chrome's sandbox with no user interaction beyond clicking a link.
Microsoft Breached by Midnight Blizzard: Russian Hackers Read Executive Emails
In January 2024, Microsoft disclosed that the Russian state-sponsored group Midnight Blizzard had been reading emails of senior executives and security team members since November 2023, using a password spray attack against a legacy test account.
News Corp Breach: Chinese Espionage Targeted Journalists for Two Years
A China-linked espionage operation infiltrated News Corp's systems for nearly two years, targeting journalists covering topics sensitive to Beijing — a stark example of state-sponsored cyber espionage against the press.