Turkey is a country tracked across 50 threat clusters and 311 intelligence report mentions on ThreatCluster. First observed October 29, 2025; most recent activity July 12, 2026.
Turkey is a sovereign nation with a diversified economy and significant critical infrastructure. In cybersecurity, it sits within a global threat environment characterized by large-scale botnets, state-sponsored espionage against infrastructure, and cloud-focused exploitation campaigns that can impact Turkish government, industry, and enterprise networks.
The Google Threat Intelligence Group has identified DarkSword, a full-chain iOS exploit affecting versions 18.4 to 18.7. This exploit leverages multiple zero-day vulnerabilities, including CVE-2025-31277 and…
On June 18, 2026, international law enforcement agencies launched Operation Endgame, disrupting the SocGholish malware infrastructure linked to the Russian cybercrime group Evil Corp. The operation resulted in the…
In March 2026, Iranian hackers linked to the Ministry of Intelligence and Security (MOIS) breached the Los Angeles County Metropolitan Transportation Authority (LACMTA), stealing at least 700 gigabytes of sensitive…
The UK has announced a new package of 70 sanctions targeting Russia's shadow fleet and finance networks as part of efforts to support Ukraine and curb Vladimir Putin's war funding. The measures come as Prime Minister…
FamousSparrow, a China-aligned APT group, launched a multi-wave cyberespionage campaign against an Azerbaijani oil and gas company from late December 2025 to February 2026. The attackers employed an evolved DLL…
On April 19, 2026, Ukrainian forces targeted the Atlant-Aero drone production facility in Taganrog, Russia, using Neptune cruise missiles. This facility is known for developing Molniya and Orion UAVs, which are integral…
A new Linux malware family named Showboat has been discovered, targeting telecommunications firms primarily in the Middle East and Central Asia since mid-2022. Researchers from Lumen's Black Lotus Labs and PwC…
On March 22, 2026, President Donald Trump issued a 48-hour ultimatum to Iran, threatening to 'obliterate' its power plants if the Strait of Hormuz is not fully reopened. This comes as Iran launched missile attacks on…
A supply chain attack has compromised the DAEMON Tools software installers, which began on April 8, 2026. Kaspersky identified that these trojanized installers, signed with legitimate digital certificates, have affected…
A credential-harvesting campaign known as 'FortiBleed' has compromised over 75,000 Fortinet firewalls and VPNs across 194 countries. The attackers, suspected to be Russian-speaking cybercriminals, exploited previously…