Find notable cyber news and cases, enriched with sources, timelines, and signals.

Shadow-Aether-040 AI-augmented campaign against Mexican government entities

Campaign
First reported
Last updated
Happening score
H score 41
1 unique sources, 1 articles

Summary

Hide ▲

The Shadow-Aether-040 campaign used AI agents and custom tooling to compromise six government entities in Mexico, increasing the risk of follow-on intrusion and data theft across Latin American public-sector networks. The operation ran from Dec. 27 to Jan. 4 and also touched financial services, aviation, and retail targets. Its use of agentic tooling, web shells, and traffic-tunneling methods shows a coordinated intrusion effort with broad regional relevance.

Related Happenings

Operation Escaneo Latin America intrusion campaign targeting government and finance

Campaign
H score57 First: 18.06.2026 14:30 Last: 18.06.2026 14:30 Sources 1

About this happening: The **Operation Escaneo** campaign exposed a **coordinated intrusion effort** against **government and financial targets across Latin America**, with confirmed victim access and d...

China-nexus agentic tools attack campaign targeting Japanese technology and East Asian cybersecurity organizations

Campaign
H score31 First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: A **China-nexus actor** used **agentic tools** in a targeted attack against a **Japanese technology firm** and an **East Asian cybersecurity platform**, showing how AI-driven orch...

Google GTIG analysis of adversary AI use for exploit development and attack orchestration

Technical Analysis
H score33 First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: **Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...

Municipal water and drainage utility provider in Mexico hit by network compromise

Incident
H score29 First: 07.05.2026 17:00 Last: 07.05.2026 17:00 Sources 1

About this happening: A **municipal water and drainage utility provider in Mexico** suffered a **significant IT compromise** that escalated into an attempted attack against **OT infrastructure**, raisi...

UAT-8302 government-targeting campaign across South America and southeastern Europe

Campaign
H score28 First: 05.05.2026 17:19 Last: 05.05.2026 17:19 Sources 1

About this happening: The **UAT-8302** campaign has been tied to attacks on **government entities** in **South America** and **southeastern Europe**, showing a multi-region operation with post-exploita...

Timeline

  1. 13.05.2026 16:00 2 articles · 1mo ago

    Shadow-Aether-040 compromises six Mexican government entities with AI agents

    Initial Disclosure

    Shadow-Aether-040 used AI agents and an agentic CLI with Anthropic's Claude to support vulnerability discovery, web-shell deployment, persistence, and workflow documentation while compromising six government entities in Mexico between Dec. 27 and Jan. 4; some intrusions led to data theft.

    Show sources