City of Elne (France)
October 15, 2025
•[ ransomware, data leak, nation-state ]
French press reports Russian-linked Qilin targeted Elne shortly after school attacks
Undisclosed Uzbekistan organization
October 1, 2025
•[ nation-state, phishing, malware ]
A nation-state actor known as Bloody Wolf expanded operations to Uzbekistan using geofenced spearphishing delivering malicious JAR loaders that installed NetSupport RAT for persistent access; no data theft was reported.
Undisclosed Major Technology Firm
September 15, 2025
•[ data leak, nation-state, AI-automated attack ]
Anthropic reported that GTG-1002, a China-linked nation-state threat actor, conducted an AI-automated intrusion campaign detected in mid-September 2025; one successful breach involved an undisclosed major technology firm where sensitive information was stolen via exploitation of application server infrastructure.
Undisclosed Financial Institution
September 15, 2025
•[ data leak, nation-state, vulnerability exploitation ]
Anthropic reported that GTG-1002, a China-linked nation-state threat actor, conducted an AI-automated intrusion campaign detected in mid-September 2025; one successful breach involved an undisclosed financial institution where sensitive information was stolen via exploitation of application server infrastructure.
Undisclosed Chemical Manufacturer
September 15, 2025
•[ data leak, nation-state, AI-automated attack ]
Anthropic reported that GTG-1002, a China-linked nation-state threat actor, conducted an AI-automated intrusion campaign detected in mid-September 2025; one successful breach involved an undisclosed chemical manufacturer where sensitive information was stolen via exploitation of application server infrastructure.
Undisclosed Government Agency
September 15, 2025
•[ nation-state, data leak, vulnerability exploit ]
Anthropic reported that GTG-1002, a China-linked nation-state threat actor, conducted an AI-automated intrusion campaign detected in mid-September 2025; one successful breach involved an undisclosed government agency where sensitive information was stolen via exploitation of application server infrastructure.
United States National Guard (select components)
June 15, 2025
•[ espionage, nation-state ]
SecurityWeek reported that China-linked Salt Typhoon compromised National Guard systems in an espionage operation; details limited.
Kurdish Government and Media Institutions
May 15, 2025
•[ cyber-espionage, phishing, data leak ]
Iran-linked threat actor MuddyWater (MOIS) conducted cyber-espionage operations against Kurdish government and media infrastructure in Iraq during MayJune 2025 using phishing and web-shells to steal credentials and internal documents; reported Jun 25 2025.
