Stay informed on the latest nation state cyber threats. Get expert analysis on cybersecurity incidents linked to global powers and state-sponsored hacks.
Search across headline titles and summaries.
Background for this topic.
Nation State is the concept in information security concerning the involvement of government entities in cyber operations and online espionage. In the purview of cyber security, nation states are often considered highly capable and sophisticated adversaries. These entities engage in cyber activities for a variety of purposes, including political, military, economic, and strategic advantages.
Nation state actors typically have significant resources at their disposal, which allow them to conduct widespread surveillance, launch targeted cyberattacks, and develop advanced cyber warfare tactics. Examples of such activities include the disruption of critical infrastructure, infiltration of secure communication channels, and theft of intellectual property or state secrets. The actions of nation state actors in cyberspace can have far-reaching implications for global security, international relations, and the stability of the digital landscape.
Weekly headline count for the current query.
Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli military campaign against the country in late February 2026
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that's engineered for stealth and persistent access to compromised hosts
Researchers Say Nation-State Actors Are Evolving Persistence TechniquesAn apparent Chinese nation-state hacking group gussied up its tooling with new modular functionality, say security researchers who observed a cyberespionage campaign affecting Asia-Pacific governments. The activity resembles attack patterns of the threat actor tracked as Mustang Panda
Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group.
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused operations. Over time, Kazuar has expanded from a relatively traditional backdoor into a highly modular peer-to-peer (P2P) botnet ecosystem designed to enable persistent, covert access to target environments. The post Kazuar: Anatomy of a nation-state botnet appeared first on Microsoft Security Blog.
Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month. [...]
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a "false flag" operation
Critical Infrastructure Operators Urged to Fortify Against Nation-State AttacksThe Cybersecurity and Infrastructure Security Agency launched CI Fortify, urging critical infrastructure operators to adopt isolation and rapid recovery capabilities to maintain essential services under cyberattacks, amid warnings that nation-state actors are already embedded in operational systems.
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCallto likely target ethnic Koreans residing in China
Solar Energy Spurt Comes Freighted With Chinese Nation-State Hacking WorriesThe European Commission froze funding for solar energy projects that use crucial components from Chinese companies such as Huawei, due to cybersecurity fears. The decision affects projects being funded by the European Investment Bank and other partner banks.
Team Cymru’s Stephen Campbell warned that small US defense contractors are not well prepared to face cyber intrusions through edge devices
Alleged Nation-State Hacker Being Held in Houston JailU.S. prosecutors allege 34-year-old Chinese national Xu Zewei operated under China’s Ministry of State Security to hack universities and firms during the pandemic, exploiting VPN and Exchange flaws and exfiltrating research data in a Silk Typhoon campaign.
A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between February 2020 and June 2021, including
The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in tools, victimology, and TTPs.
Routing Malicious Traffic Through Hacked IoT Devices Is Leading to 'IoC Extinction'Networks comprised of hacked domestic devices underpin a mounting number of Chinese nation-state hacking operations, warned British, U.S. and a slew of other national cybersecurity agencies. The networks comprise small office home office routers, IoT equipment and smart devices.
Nation-State Hits Now Comprise Majority of Serious Incidents Probed by GovernmentBritish intelligence officials said they investigate about four major incidents per week, with the majority involving nation-state actors. Officials said the shape and scope of how cyberattacks are being wielded by the nation's adversaries continues to change as fast as the technology evolves.
The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns
NCSC boss says China's whole-of-state cyber machine has become Britain's peer competitor in cyberspace State-sponsored cyberattacks from Chinese intelligence and military agencies display "an eye-watering level of sophistication," UK National Cyber Security Centre CEO Richard Horne is expected to say in a less-than-cheery opening speech to kick off its annual conference.…