Taiwan is a country tracked across 50 threat clusters and 387 intelligence report mentions on ThreatCluster. First observed October 31, 2025; most recent activity July 16, 2026.
Check Point Software Technologies disclosed a critical authentication bypass vulnerability (CVE-2026-50751) affecting its Remote Access VPN and Mobile Access products, with exploitation confirmed since May 7, 2026. The…
Russian cyber group APT28, also known as Fancy Bear, has been exploiting vulnerabilities in TP-Link and MikroTik routers to conduct large-scale DNS hijacking operations. This campaign, which has affected over 18,000…
The Chinese-speaking threat group CL-STA-1062 has been actively deploying a new .NET backdoor named TinyRCT against government and critical energy infrastructure in Southeast Asia throughout 2025. This campaign utilizes…
The Cybersecurity and Infrastructure Security Agency (CISA) has initiated the CI Fortify program to bolster the resilience of critical infrastructure operators against cyberattacks. This initiative encourages…
The China-linked threat actor UAT-7810 is evolving its malware toolkit, notably introducing LONGLEASH, an upgraded version of the SHORTLEASH backdoor. This group exploits known vulnerabilities in unpatched Ruckus…
On March 12, 2026, Zscaler ThreatLabz reported a campaign by the Tropic Trooper APT targeting Chinese-speaking individuals in Taiwan, Japan, and South Korea. The attack involved a malicious ZIP archive containing…
Chinese state-backed group TA416 has reemerged with intensified cyber espionage campaigns targeting European governments, following a quiet period since 2023. Proofpoint reported that the group's renewed activity began…
Daxin, a sophisticated backdoor linked to China, has reappeared in Taiwan, targeting a multinational high-tech manufacturer. Discovered in May 2026, it operates stealthily by hijacking legitimate TCP connections for…
Between June and December 2025, the Chinese state group Lotus Blossom compromised the shared hosting provider for Notepad++, redirecting update traffic to deliver malicious installers to targeted users. The attackers…
In 2026, Iranian APT groups, notably Cavern Manticore and OilRig, have intensified cyber operations against Israeli organizations, primarily in the IT and government sectors. Cavern Manticore employs a modular…