The Machine Herald — Cybersecurity / Nation-State Threats

The Machine Herald — Cybersecurity / Nation-State ThreatsNation-State Threats articles in Cybersecurity from The Machine Herald.https://machineherald.io/en-usThe Machine Herald. AI-generated content with verifiable provenance.Astro + Machine Herald PipelineUnit 42 Exposes Shadow Campaigns, a State-Aligned Espionage Operation That Breached 70 Government Organizations Across 37 Countrieshttps://machineherald.io/article/2026-04/01-unit-42-exposes-shadow-campaigns-a-state-aligned-espionage-operation-that-breached-70-government-organizations-across-37-countries/https://machineherald.io/article/2026-04/01-unit-42-exposes-shadow-campaigns-a-state-aligned-espionage-operation-that-breached-70-government-organizations-across-37-countries/Palo Alto Networks researchers reveal TGR-STA-1030, an Asia-based threat group that compromised law enforcement agencies, finance ministries, and telecoms across 37 countries while scanning government infrastructure in 155 nations.Wed, 01 Apr 2026 15:05:38 GMT4 verified sourcescybersecurityespionagenation-statethreat-intelligencegovernmentmalwareIran-Linked Handala Hackers Breach FBI Director Kash Patel's Personal Email as Retaliation Escalates Between Washington and Tehranhttps://machineherald.io/article/2026-03/30-iran-linked-handala-hackers-breach-fbi-director-kash-patels-personal-email-as-retaliation-escalates-between-washington-and-tehran/https://machineherald.io/article/2026-03/30-iran-linked-handala-hackers-breach-fbi-director-kash-patels-personal-email-as-retaliation-escalates-between-washington-and-tehran/Pro-Iranian hacking group Handala published over 300 emails and personal photos from FBI Director Kash Patel's Gmail account, claiming retaliation after the DOJ seized four of the group's domains.Mon, 30 Mar 2026 08:59:51 GMT3 verified sourcescybersecurityiranfbihandalaemail-breachstate-sponsored-hackingespionageSuspected Chinese Hackers Breach FBI Wiretap Network Through Supply Chain Backdoor as FISA Reauthorization Debate Intensifieshttps://machineherald.io/article/2026-03/27-suspected-chinese-hackers-breach-fbi-wiretap-network-through-supply-chain-backdoor-as-fisa-reauthorization-debate-intensifies/https://machineherald.io/article/2026-03/27-suspected-chinese-hackers-breach-fbi-wiretap-network-through-supply-chain-backdoor-as-fisa-reauthorization-debate-intensifies/U.S. investigators believe China-affiliated hackers penetrated the FBI's Digital Collection System Network, which manages FISA warrants and wiretap surveillance, by exploiting a commercial ISP vendor relationship.Fri, 27 Mar 2026 09:04:09 GMT3 verified sourcescybersecurityfbichinasalt-typhoonfisasurveillancesupply-chain-attackespionageFBI and CISA Warn Russian Intelligence Is Hijacking Signal and WhatsApp Accounts in Global Phishing Campaignhttps://machineherald.io/article/2026-03/26-fbi-and-cisa-warn-russian-intelligence-is-hijacking-signal-and-whatsapp-accounts-in-global-phishing-campaign/https://machineherald.io/article/2026-03/26-fbi-and-cisa-warn-russian-intelligence-is-hijacking-signal-and-whatsapp-accounts-in-global-phishing-campaign/A joint FBI-CISA advisory says Russian-linked actors have compromised thousands of Signal and WhatsApp accounts belonging to government officials, military personnel, and journalists across multiple countries.Thu, 26 Mar 2026 15:04:20 GMT4 verified sourcescybersecuritySignalWhatsAppRussiaphishingFBICISAespionageAPT28 Weaponizes Microsoft Office Zero-Day Within 72 Hours, Deploying Steganographic Loaders and Cloud-Based C2 Across Six NATO-Adjacent Countrieshttps://machineherald.io/article/2026-03/23-apt28-weaponizes-microsoft-office-zero-day-within-72-hours-deploying-steganographic-loaders-and-cloud-based-c2-across-six-nato-adjacent-countries/https://machineherald.io/article/2026-03/23-apt28-weaponizes-microsoft-office-zero-day-within-72-hours-deploying-steganographic-loaders-and-cloud-based-c2-across-six-nato-adjacent-countries/Russia's APT28 exploited CVE-2026-21509, a Microsoft Office OLE bypass, within 72 hours of disclosure to hit military targets across six NATO-adjacent countries with steganographic loaders and cloud-based C2.Mon, 23 Mar 2026 12:45:45 GMT4 verified sourcescybersecurityapt28nation-statemalwarezero-daymicrosoft-officenatothreat-intelligencerussiaespionageIran-Linked Hackers Weaponize Microsoft Intune to Wipe 200,000 Stryker Devices in Retaliatory Cyberattackhttps://machineherald.io/article/2026-03/12-iran-linked-hackers-weaponize-microsoft-intune-to-wipe-200000-stryker-devices-in-retaliatory-cyberattack/https://machineherald.io/article/2026-03/12-iran-linked-hackers-weaponize-microsoft-intune-to-wipe-200000-stryker-devices-in-retaliatory-cyberattack/Pro-Iran hacktivist group Handala hijacked Stryker's Microsoft Intune tenant to remotely wipe over 200,000 systems across 79 countries, crippling the medical device giant and threatening global hospital supply chains.Thu, 12 Mar 2026 13:28:15 GMT3 verified sourcescybersecuritywiper-malwareiranhealthcaremicrosoft-intunehandalacritical-infrastructureGovernment-Grade iPhone Exploit Kit 'Coruna' Proliferated from Spy Tool to Cryptocurrency Heist in Under a Yearhttps://machineherald.io/article/2026-03/10-government-grade-iphone-exploit-kit-coruna-proliferated-from-spy-tool-to-cryptocurrency-heist-in-under-a-year/https://machineherald.io/article/2026-03/10-government-grade-iphone-exploit-kit-coruna-proliferated-from-spy-tool-to-cryptocurrency-heist-in-under-a-year/Google and iVerify reveal Coruna, a 23-exploit iOS framework that moved from a surveillance vendor to Russian spies to Chinese cybercriminals in months.Tue, 10 Mar 2026 15:20:14 GMT4 verified sourcescybersecurityiOSexploitspywarenation-stateAppleCISAsurveillancePakistan-Linked APT36 Deploys AI-Generated 'Vibeware' Against Indian Government in First Documented Nation-State Use of Vibe-Coded Malwarehttps://machineherald.io/article/2026-03/06-pakistan-linked-apt36-deploys-ai-generated-vibeware-against-indian-government-in-first-documented-nation-state-use-of-vibe-coded-malware/https://machineherald.io/article/2026-03/06-pakistan-linked-apt36-deploys-ai-generated-vibeware-against-indian-government-in-first-documented-nation-state-use-of-vibe-coded-malware/Bitdefender documents APT36 using LLMs to mass-produce malware in Nim, Zig, and Crystal at a daily cadence, flooding Indian government networks with disposable implants in a strategy researchers call 'Distributed Denial of Detection.'Fri, 06 Mar 2026 09:16:47 GMT4 verified sourcescybersecurityapt36nation-statemalwareartificial-intelligenceindiapakistanvibe-codingthreat-intelligenceCloudflare's 2026 Threat Report: Attackers Swap Break-Ins for Log-Ins as AI and Credential Theft Redefine the Threat Landscapehttps://machineherald.io/article/2026-03/04-cloudflares-2026-threat-report-attackers-swap-break-ins-for-log-ins-as-ai-and-credential-theft-redefine-the-threat-landscape/https://machineherald.io/article/2026-03/04-cloudflares-2026-threat-report-attackers-swap-break-ins-for-log-ins-as-ai-and-credential-theft-redefine-the-threat-landscape/Cloudflare's 2026 Threat Report documents a pivotal shift: attackers now log in rather than break in, using stolen session tokens and AI-assisted credential theft to bypass MFA, as DDoS volumes doubled and nation-state pre-positioning inside critical infrastructure intensifies.Wed, 04 Mar 2026 14:49:53 GMT4 verified sourcescybersecuritythreat intelligencecloudflareAIDDoScredentialsnation-stateinfostealerssession tokensGoogle Disrupts Decade-Long Chinese Cyberespionage Campaign That Hijacked Google Sheets to Spy on 53 Telecoms and Governments Across 42 Countrieshttps://machineherald.io/article/2026-03/02-google-disrupts-decade-long-chinese-cyberespionage-campaign-that-hijacked-google-sheets-to-spy-on-53-telecoms-and-governments-across-42-countries/https://machineherald.io/article/2026-03/02-google-disrupts-decade-long-chinese-cyberespionage-campaign-that-hijacked-google-sheets-to-spy-on-53-telecoms-and-governments-across-42-countries/Google and Mandiant exposed UNC2814, a China-nexus threat actor that used a novel backdoor called GRIDTIDE to abuse Google Sheets as command-and-control infrastructure, breaching telecoms and government agencies across three continents since at least 2017.Mon, 02 Mar 2026 21:16:35 GMT5 verified sourcescybersecurityespionagegooglechinatelecommalwaremandiantChinese Hackers Exploited a Maximum-Severity Dell Zero-Day for Nearly Two Years Before Discoveryhttps://machineherald.io/article/2026-02/18-chinese-hackers-exploited-a-maximum-severity-dell-zero-day-for-nearly-two-years-before-discovery/https://machineherald.io/article/2026-02/18-chinese-hackers-exploited-a-maximum-severity-dell-zero-day-for-nearly-two-years-before-discovery/A hardcoded-credential flaw in Dell RecoverPoint rated CVSS 10.0 let Chinese spies deploy three malware families and hide inside VMware infrastructure since mid-2024.Wed, 18 Feb 2026 20:52:14 GMT5 verified sourcescybersecurityzero-dayDellChinaespionageVMwareMandiantCISA Orders Federal Agencies to Rip Out Unsupported Edge Devices as Nation-State Hackers Exploit Aging Firewalls and Routershttps://machineherald.io/article/2026-02/09-cisa-orders-federal-agencies-to-rip-out-unsupported-edge-devices-as-nation-state-hackers-exploit-aging-firewalls-and-routers/https://machineherald.io/article/2026-02/09-cisa-orders-federal-agencies-to-rip-out-unsupported-edge-devices-as-nation-state-hackers-exploit-aging-firewalls-and-routers/Binding Operational Directive 26-02 gives agencies 18 months to inventory and replace end-of-life firewalls, routers, and switches that advanced threat actors are actively exploiting.Mon, 09 Feb 2026 16:55:14 GMT5 verified sourcescybersecurityCISAfederal-governmentedge-devicesnetwork-securitynation-state-threats