News brief: Nation-state hackers active on the global stage
Check out the latest security news from the Informa TechTarget team.
The world can be a dangerous place, and the nation-state hackers targeting critical infrastructure aren't making it any safer.
In fact, the number of cyberattacks threatening the nation's infrastructure is escalating. The "IBM X-Force 2025 Threat Intelligence Index" found that 70% of all cyberattacks in 2024 involved critical infrastructure.
From defense systems and telecommunications networks to biometric databases, no sector or system is immune to these sophisticated threats. Nation-state adversaries and their proxies are exploiting vulnerabilities to impede defense capabilities, undermine production, disrupt communications and access sensitive data.
This week's featured news serves as a stark reminder of the urgent need for strong cybersecurity measures to protect critical systems from state-sponsored threats, safeguard citizens' data and maintain global stability.
Nation-state hackers put defense industrial base under siege
Nation-state hackers are intensifying attacks on defense firms and the U.S. defense industrial base, targeting sensitive data and intellectual property.
Google researchers found that espionage groups from countries including China, Russia and North Korea have compromised at least two dozen organizations by exploiting zero-day vulnerabilities in edge devices, such as VPNs and gateways. Such campaigns aim to steal military secrets, disrupt operations and gain strategic advantages.
Newly identified hacking groups gain access to OT environments
Security researchers from Dragos have identified three new hacking groups targeting operational technology (OT) environments. The groups, dubbed Sylvanite, Azurite and Pyroxene, are exploiting vulnerabilities in critical infrastructure, raising concerns about the security of OT systems, which are essential for industries including energy, manufacturing and transportation.
The researchers highlighted the growing sophistication of cyberattacks, with threat actors using advanced methods, including reliance on initial access brokers, living-off-the-land techniques and social engineering, to breach networks.
Singapore and its major telcos fend off Chinese hackers
Singapore's cybersecurity agencies and its four major telecommunications companies successfully defended against a prolonged cyberattack campaign linked to Chinese state-sponsored hackers.
The 11-month operation, dubbed Cyber Guardian, involved 100 incident responders across government and private sectors to protect the critical infrastructure. Despite successfully breaching some systems, the attackers did not compromise any personal data or disrupt any services.
Hackers breach Senegal national biometric database
Members of the Green Blood Group ransomware gang have breached Senegal's national biometric database, compromising the biometric data of nearly 20 million residents.
The attackers breached two servers at the Directorate of File Automation, exfiltrating sensitive data, including national ID cards and birth records, and leaked the data online.
The breach raises significant concerns about privacy, identity theft and the potential misuse of stolen data. The compromised data puts Senegalese citizens at greater risk of fraud and sows the seeds of distrust in the national ID system.
Ivanti EPMM zero-day bugs spark exploit frenzy -- again
Two zero-day vulnerabilities in Ivanti Endpoint Manager Mobile have been actively exploited by attackers, posing significant risks to organizations that rely on the platform for mobile device management.
The flaws, CVE-2026-1281 and CVE-2026-1340, enable unauthorized access to sensitive data and remote code execution. The vulnerabilities have been linked to attacks targeting government and private-sector entities, including the EU's European Commission and agencies of the Dutch and Finnish governments.
Ivanti has released patches to address the issues and has urged organizations to update their systems immediately.
Read the full article by Nate Nelson on Dark Reading.
Editor's note: An editor used AI tools to aid in the generation of this news brief. Our expert editors always review and edit content before publishing.
Richard Livingston is an editor with Informa TechTarget’s SearchSecurity site, covering cybersecurity news, trends and analysis.