Tag: china
-
Flax Typhoon can turn your own software against you
The Chinese hacking group gained persistent access to a popular mapping tool by turning one of its features into a webshell and hardcoding access, according to ReliaQuest. First seen on cyberscoop.com Jump to article: cyberscoop.com/flax-typhoon-hinese-state-hackers-arcgis-backdoor-webshell/
-
Chinese Hackers Use Trusted ArcGIS App For Year-Long Persistence
ReliaQuest report reveals Flax Typhoon attackers maintained year-long access to an ArcGIS system. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-hackers-use-trusted-arcgis/
-
Chinese Owners Locked Out of Dutch Chip Maker Nexperia
Dutch Ministry Invokes National Security Law to Impose Domestic Control. The Dutch government said it is severing semiconductor chipmaker Nexperia from control by its Chinese parent after invoking a national security law allowing it to impose domestic control. Partially Chinese state-controlled Wingtech Technologies acquired a three-quarters stake in Nexperia in 2018. First seen on…
-
The Guardian view on the online scam industry: authorities must not forget that perpetrators are often victims too | Editorial
A lucrative sector is spreading fast as criminal enterprises force abused and trafficked workers to cheat others. A Chinese court last month sentenced 11 people to death over their roles in an illegal scam empire along the border with Myanmar (https://www.theguardian.com/world/2025/sep/30/china-court-sentences-11-people-to-death-over-alleged-role-in-family-run-myanmar-scam-operations). But it won’t end a noxious multibillion-dollar industry that devastates the lives of two sets…
-
Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia
The Dutch ministry of economic affairs said it was making the “highly exceptional” move “following recent and acute signals of serious governance shortcomings” at Nexperia. First seen on therecord.media Jump to article: therecord.media/netherlands-special-powers-chinese-owned-semiconductor
-
China probes Qualcomm’s Autotalks deal amid rising US trade tensions
Beijing insists it’s business as usual; Washington might see it differently. First seen on theregister.com Jump to article: www.theregister.com/2025/10/13/qualcomm_autotalks_china_probe/
-
Dutch government puts Nexperia on a short leash over chip security fears
Minister invokes powers to stop firm shifting knowledge to China, citing governance shortcomings. First seen on theregister.com Jump to article: www.theregister.com/2025/10/13/nexperia_special_measures/
-
Is America Behind the Ball When It Comes to AI Regulation?
As the U.S. debates AI regulation, Europe and China forge ahead. Explore global philosophies shaping how governments define and control artificial intelligence. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/is-america-behind-the-ball-when-it-comes-to-ai-regulation/
-
Senate says Nvidia chips are for America first as China tightens import controls
Xi to the left of me, Trump is to the right; Huang I am, stuck in the middle with GPUs. First seen on theregister.com Jump to article: www.theregister.com/2025/10/10/nvidia_chips_us_china/
-
Chinese Hackers Use Velociraptor IR Tool in Ransomware Attacks
In a new wrinkle for adversary tactics, the Storm-2603 threat group is abusing the digital forensics and incident response (DFIR) tool to gain persistent access to victim networks. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/chinese-hackers-velociraptor-ir-tool-ransomware-attacks
-
Open-source DFIR Velociraptor was abused in expanding ransomware efforts
Attribution and the ransomware cocktail: Talos links the campaign to Storm-2603, a suspected China-based threat actor, citing matching TTPs like the use of ‘cmd.exe’, disabling Defender protections, creating scheduled tasks, and manipulating Group Policy Objects. The use of multiple ransomware strains in a single operation (Warlock, LockBit, and Babuk) also bolstered confidence in this attribution. “Talos…
-
Chinese-Linked Hackers Breach Top Political US Law Firm
Williams & Connolly Hit in Zero-Day Campaign Impacting Client Emails. A zero-day vulnerability was used to breach email accounts at the elite D.C. law firm Williams & Connolly, with officials reportedly suspecting the hack is part of a China-linked campaign targeting the U.S. legal sector to support espionage, steal intelligence and establish long-term access routes.…
-
Warlock ransomware may be linked to Chinese state
The operators of Warlock ransomware, who exploited a set of SharePoint Server vulns earlier in 2025, likely have some kind of link to the Chinese government, researchers claim. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632598/Warlock-ransomware-may-be-linked-to-Chinese-state
-
From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware
A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL. “The initially observed campaigns were tailored to the targets, and the messages purported to be sent by senior researchers and analysts from legitimate-sounding, completely…
-
Phantom Taurus: China-Linked Hackers Target Global Governments
China-linked hacker group Phantom Taurus targets global governments with advanced stealth malware. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/phantom-taurus-china-linked-hackers-target-global-governments/
-
APT Hackers Abuse ChatGPT to Develop Advanced Malware and Phishing Campaigns
Tags: ai, apt, chatgpt, china, cyber, cyberattack, email, group, hacker, intelligence, malware, phishing, spear-phishing, threat
Security researchers at Volexity have uncovered compelling evidence that China-aligned threat actors are leveraging artificial intelligence platforms like ChatGPT to enhance their sophisticated cyberattack capabilities. The group, tracked as UTA0388, has been conducting sophisticated spear phishing campaigns since June 2025, using AI assistance to develop malware and craft multilingual phishing emails targeting organizations across North…
-
Chinese Hackers Weaponize Nezha Tool to Run Commands on Web Servers
Tags: attack, china, cyber, cyberattack, cybersecurity, exploit, hacker, malicious, monitoring, threat, tool
Security researchers have uncovered a sophisticated cyberattack campaign where Chinese threat actors are exploiting web applications using an innovative log poisoning technique to deploy web shells and subsequently weaponize Nezha, a legitimate server monitoring tool, for malicious command execution. Creative Attack Methodology Discovered: Beginning in August 2025, cybersecurity firm Huntress identified an intrusion where attackers…
-
APT Meets GPT: China-Aligned UTA0388 Used ChatGPT for Automated, Multilingual Spear-Phishing
The post APT Meets GPT: China-Aligned UTA0388 Used ChatGPT for Automated, Multilingual Spear-Phishing appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt-meets-gpt-china-aligned-uta0388-used-chatgpt-for-automated-multilingual-spear-phishing/
-
Researchers Out Front Companies for Chinese Intelligence
Beijing-Based Institute Researches Steganography, Forensics, Network Penetration. Beware previously undocumented front companies for China’s main intelligence service that appear to be tasked with gathering and developing steganography, digital forensic, network penetration and other cybersecurity tools to serve Beijing’s military and intelligence apparatus, warn researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/researchers-out-front-companies-for-chinese-intelligence-a-29677
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
China-linked hackers target Asian organizations with Nezha monitoring tool
Incident responders at cybersecurity firm Huntress said they initially came across the campaign while investigating a vulnerable, public-facing web application that was the source of an intrusion at the beginning of August. First seen on therecord.media Jump to article: therecord.media/china-linked-hackers-target-asian-orgs-monitoring-tool
-
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets. The activity, observed by cybersecurity company Huntress in August 2025, is characterized by the use of an unusual technique called log poisoning (aka log…
-
China-Nexus Actors Weaponize ‘Nezha’ Open Source Tool
A threat actor is putting a spin on classic remote monitoring and management (RMM) attacks, using a Chinese open source tool instead. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-nexus-actors-nezha-open-source-tool

