Cyber on the Geopolitical, Battlefield: Beyond the, “Big Fourˮ

- Recorded Future assesses that a growing number of state-linked actors and patriotic hacktivists outside China, Russia, Iran, and North Korea are conducting offensive cyber operations tied to regional conflicts, espionage, and domestic surveillance, with observed incidents including DDoS/defacements, targeted espionage by APTs (e.g., APT36, SideWinder, APT32, Marbled Dust, StrongPity, Stealth Falcon), commercial spyware use, zero-day exploitation, and large data leaks (e.g., Morocco-related breaches). The report warns that geopolitical escalation and weaker international institutions increase the likelihood and scale of such operations and recommends geopolitical monitoring, threat intelligence tracking, travel/device risk mitigation, and continuity planning.