Threat Feed

Tag

State-Sponsored

3 briefs
critical threat

FortiBleed Campaign: 73,932 FortiGate Systems Credentials Exposed

A Russian-speaking threat group utilized a large dataset of administrative and VPN credentials, likely sourced from exposed FortiGate configuration files and active credential harvesting, to access government, critical infrastructure, and multinational corporate networks, resulting in widespread data exfiltration.

FortiGate +1 Russian-speaking threat group credential-theft fortios state-sponsored espionage data-exfiltration russian-speaking critical-infrastructure government
high advisory

CrowdStrike 2026 Technology Threat Landscape Report: China's Ambitions Fuel Attacks

The CrowdStrike 2026 Technology Threat Landscape Report highlights the pervasive targeting of the technology sector by China-nexus and eCrime adversaries, employing tactics like password spraying, vulnerability exploitation, supply chain compromises (e.g., Axios npm package, GitHub repositories), and malware distribution (macOS info stealers via OpenClaw lures) to achieve intelligence collection, intellectual property theft, and financial extortion.

Axios npm package +1 intelligence-collection espionage supply-chain-compromise software-supply-chain extortion state-sponsored ecrime macos +1
high advisory

State-Sponsored Actors Leveraging Vulnerabilities and Identity for Persistent Access (2025)

In 2025, state-sponsored actors from China, Russia, North Korea, and Iran leveraged vulnerabilities and identity compromise for initial access, focusing on persistence for long-term espionage or disruption.

state-sponsored apt persistence vulnerability-exploitation