Security news aggregator

Latest coverage for Nation State

Nation State reporting covers malware, threat actors, infrastructure, reported incidents, disruption efforts, and defensive guidance for organizations.

828 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Nation-state activity is cyber activity conducted, directed, or supported by a government, including espionage, disruption, or theft of sensitive information. The label can also cover suspected government-linked actors; attribution is often uncertain and may reflect intelligence assessment rather than publicly proven control.

For practitioners, reporting under this tag can indicate risks to government, critical-infrastructure, research, or strategic commercial networks, particularly through exposed systems, stolen credentials, or exploitation of unpatched vulnerabilities. Useful responses include prioritizing vulnerability remediation on internet-facing assets, enforcing strong authentication, limiting access to sensitive systems, and retaining logs that support investigation. Threat intelligence can help assess whether observed infrastructure or malware resembles activity associated with a state, but defensive decisions should rely on the technical evidence and the affected organization’s risk, not attribution alone.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 828

US and allies warn of Russian APT groups targeting routers and network devices to compromise critical infrastructure worldwide. The US and allied governments warn that Russian state-sponsored APT groups are scanning and exploiting poorly secured network devices, especially routers, to access critical infrastructure. Groups linked to FSB Center 16, including Berserk Bear, Energetic Bear, Ghost […]

Bank Info Security 4 days, 19 hours ago

EU and UK Sanction Russian Nation-State Hackers

Governments Cite Winter Hack of Polish Power Grid and CyberespionageA winter Russian intelligence hack of the Polish energy grid and a protracted campaign of cyberespionage are behind coordinated sanctions against Moscow's intelligence apparatus announced Monday by the European Union and the United Kingdom.

State-sponsored attackers are targeting critical infrastructure networks in defense, communications, energy, finance, government and health care. The post Officials once again warn defenders that Russian hackers are targeting network devices appeared first on CyberScoop.

The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy

Richard Horne Seeks to Reframe Discussion of Cyber ExposureBritain's top cybersecurity official sought Wednesday to reframe digital defense as a contest against a constantly shifting opponent rather than a risk to be managed, calling today's spate of breaches and hacking incidents the opening salvos of a future war.

JDY botnet scans SOHO/IoT devices globally to map services and targets, especially US military networks. Lumen’s Black Lotus Labs reported the resurgence of the JDY botnet, a covert reconnaissance network tied to Chinese state-sponsored hacking groups including Volt Typhoon. The network was first spotted in late 2023 as a cluster inside KV-botnet. The U.S. government […]

The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026

The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli military campaign against the country in late February 2026

Researchers Say Nation-State Actors Are Evolving Persistence TechniquesAn apparent Chinese nation-state hacking group gussied up its tooling with new modular functionality, say security researchers who observed a cyberespionage campaign affecting Asia-Pacific governments. The activity resembles attack patterns of the threat actor tracked as Mustang Panda

Loading more headlines...