Tag: china
-
China-linked hackers breached dozens of telecoms, government agencies
The cyberattacks used a clever technique: malware that hid in plain sight on Google Sheets. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/china-cyberattacks-telecommunications-google-sheets/813082/
-
OpenAI Confirms Chinese Hackers Used ChatGPT in Cyberattack Campaign
OpenAI has confirmed that Chinese-linked operators misused ChatGPT as part of a broader campaign that blended cyber operations, online harassment, and covert influence tactics, according to its latest threat report “Disrupting malicious uses of AI.” While the models were not used to write exploits or break into networks directly, they were repeatedly abused to plan…
-
Google Disrupts ‘Prolific’ and ‘Elusive’ China-Linked Global Hacking Campaign
UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-prolific-china-hacking/
-
China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries
Tags: access, api, apt, china, cloud, communications, cyber, cyberespionage, data, defense, endpoint, espionage, google, government, group, hacker, infrastructure, intelligence, linux, mandiant, monitoring, network, phone, radius, service, spy, theft, threat, vpnHow Mandiant found it: The campaign came to light during a Mandiant Threat Defense investigation, when analysts flagged unusual activity on a CentOS server. A binary named xapt, designed to masquerade as the apt package manager on Debian-based Linux systems, had already escalated to root and was running shell commands to confirm its access level,…
-
US artificial intelligence developers accuse Chinese firms of stealing their data
Artificial intelligence developers are accusing Chinese firms of stealing their intellectual property following a spate of ‘distillation attacks’, despite their own alleged theft of training data First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639367/US-artificial-intelligence-developers-accuse-Chinese-firms-of-stealing-their-data
-
Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries
Google and partners disrupted UNC2814, a suspected China-linked group that hacked 53 organizations across 42 countries. Google, with industry partners, disrupted the infrastructure of UNC2814, a suspected China-linked cyber espionage group that breached at least 53 organizations in 42 countries. The group has been active since at least 2017, and was spotted targeting governments and…
-
Google Disrupts Chinese Hacker Network Behind 53 Telecom, Gov’t Breaches
Tags: breach, china, cyber, espionage, google, government, group, hacker, infrastructure, intelligence, mandiant, network, threatGoogle and its partners have disrupted a major Chinese state-linked cyber espionage campaign that breached at least 53 telecommunications and government entities across 42 countries on four continents. The operation, led by Google Threat Intelligence Group (GTIG) alongside Mandiant and industry partners, dismantled the infrastructure of a suspected People’s Republic of China (PRC) nexus group…
-
Chinese Police Use ChatGPT to Smear Japan PM Takaichi
A Chinese keyboard warrior inadvertently leaked information about politically motivated influence operations through a ChatGPT account. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-police-chatgpt-smear-japan-pm-takaichi
-
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
Tags: breach, china, cyber, espionage, google, government, group, infrastructure, international, usaGoogle on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries.”This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas,” First…
-
Chinese cyberspies breached dozens of telecom firms, govt agencies
Google’s Threat Intelligence Group (GTIG), Mandiant, and partners disrupted a global espionage campaign attributed to a suspected Chinese threat actor that used SaaS API calls to hide malicious traffic in attacks targeting telecom and government networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-cyberspies-breached-dozens-of-telecom-firms-govt-agencies/
-
China-linked hackers breach dozens of telecoms, government agencies
The campaign involved a clever technique: malware that hid in plain sight on Google Sheets. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/china-cyberattacks-telecommunications-google-sheets/813082/
-
Chinese prosecutors raise alarm about growth of domestic IP theft
China’s top prosecutorial agency said authorities have handled hundreds of domestic cases involving commercial espionage and technology leaks since 2021. First seen on therecord.media Jump to article: therecord.media/china-domestic-ip-theft-crackdown
-
Sonderabteilung des Staatsschutzes betroffen – Hacker aus China erbeuten in Italien Geheimdaten
First seen on security-insider.de Jump to article: www.security-insider.de/chinesische-hacker-erbeuten-daten-italienischer-staatsschutz-a-0a5936e1cf2feb29b924f322c4a12efb/
-
Chinese group’s ChatGPT use reveals worldwide harassment campaign against critics
OpenAI said a Chinese law enforcement agency uploaded reports to ChatGPT that details a worldwide digital operation to track and silence regime critics at home and abroad. First seen on cyberscoop.com Jump to article: cyberscoop.com/chinese-chatgpt-online-harassment-campaign-against-critics-dissidents/
-
OpenAI says Chinese cops used ChatGPT to plan and track smear ops against opponents
Note to secret agents: ChatGPT is NOT a private diary First seen on theregister.com Jump to article: www.theregister.com/2026/02/25/chinese_law_enforcement_chatgpt_abuse/
-
Anthropic Accuses China AI Firms of Model Mining
DeepSeek, MoonShot AI, MiniMax Used 24K Fake Accounts in Campaign. Anthropic has accused three Chinese AI firms of running coordinated, large-scale operations to steal capabilities from its Claude models. The U.S.-based company said DeepSeek, Moonshot AI and MiniMax are conducting industrial-scale campaigns using tens of thousands of fraudulent accounts. First seen on govinfosecurity.com Jump to…
-
Anthropic Claims Chinese AI Firms ‘Distilled’ Claude to Train Their Models
Anthropic claims Chinese AI firms distilled Claude to train rival AI models, raising concerns about model extraction, security risks, and AI distillation abuse. First seen on hackread.com Jump to article: hackread.com/anthropic-china-ai-firms-distilled-claude-train-models/
-
Chinese AI Firms Hit Claude with Distillation Attacks, Anthropic Warns
Anthropic accused DeepSeek, Moonshot and MiniMax of illicitly using Claude to steal some of the AI model’s capabilities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-ai-claude-distillation/
-
Chinese AI Labs Launch Massive Distillation Attacks on Anthropic Claude, Tracking 13M Exchanges
Anthropic has identified and exposed industrial-scale data extraction campaigns orchestrated by three major Chinese AI laboratories: DeepSeek, Moonshot, and MiniMax. These organizations utilized approximately 24,000 fraudulent accounts to generate over 16 million exchanges with Anthropic’s Claude models. The primary objective of these campaigns was >>distillation,<< a technique where a less capable AI model is trained…
-
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
Anthropic on Monday said it identified “industrial-scale campaigns” mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude’s capabilities to improve their own models.The distillation attacks generated over 16 million exchanges with its large language model (LLM) through about 24,000 fraudulent accounts in violation of its terms First seen…
-
The rise of the evasive adversary
Tags: access, ai, attack, authentication, breach, china, cloud, credentials, crime, crowdstrike, crypto, data, defense, endpoint, exploit, finance, firewall, group, identity, infrastructure, intelligence, korea, lazarus, leak, mail, malicious, malware, microsoft, monitoring, network, north-korea, open-source, phishing, ransomware, remote-code-execution, russia, saas, service, software, strategy, supply-chain, tactics, theft, threat, tool, update, vpn, vulnerability, windows, zero-dayBig game hunters tighten their grip: CrowdStrike’s research highlights how big game hunting (BGH) ransomware actors have remained the dominant force in the eCrime landscape.Punk Spider, a group responsible for developing and maintaining Russian-language Akira ransomware, and its associated Akira dedicated leak site, conducted 198 intrusions in 2025, a 134% increase year over year. Victim-shaming operations…
-
Anthropic Facing Allegations from Musk Over Large”‘Scale Data Misuse
Tech billionaire Elon Musk has publicly condemned the artificial intelligence firm Anthropic, accusing the company of massive data theft and hypocrisy. This confrontation follows Anthropic’s recent claims that competing Chinese artificial intelligence models unlawfully extracted training data from its flagship Claude model. The Distillation Controversy Earlier this week, Anthropic published a report accusing Chinese AI…
-
Anthropic accuses Chinese labs of trying to illicitly take Claude’s capabilities
It poses a national security threat, the AI startup said, such as by possibly enabling offensive cyber operations. First seen on cyberscoop.com Jump to article: cyberscoop.com/anthropic-accuses-chinese-labs-ai-distillation-cyber-risk/
-
NDSS 2025 Generating API Specifications For Bug Detection Via Specification Propagation Analysis
Session 13B: API Security Authors, Creators & Presenters: Miaoqian Lin (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Kai Chen (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Yi…
-
NDSS 2025 Generating API Parameter Security Rules With LLM For API Misuse Detection
Session 13B: API Security Authors, Creators & Presenters: Jinghua Liu (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Yi Yang (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Kai…
-
VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report
Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN product, which allowed the hackers to gain access to 119 other unnamed organizations. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/23/vpn-flaws-allowed-chinese-hackers-to-compromise-dozens-of-ivanti-customers-says-report/
-
Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers
Patch, but verify first: Unit 42 directed organizations to Ivanti’s security advisory for remediation guidance, which recommends applying version-specific RPM patches for EPMM 12.x branches that require no appliance downtime. Ivanti cautioned, however, that the patch does not survive a version upgrade and must be reinstalled if the software is updated. “The permanent fix for…
-
NDSS 2025 The Midas Touch: Triggering The Capability Of LLMs For RM-API Misuse Detection
Session 13B: API Security Authors, Creators & Presenters: Yi Yang (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Jinghua Liu (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Kai…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ninja Browser & Lumma Infostealer Ghost Tapped: Tracking the Rise of Chinese Tap-to-pay Android Malware Hudson Rock Identifies Real-World Infostealer Infection Targeting OpenClaw Configurations Divide and conquer: how the new Keenadu backdoor exposed links…
-
FBI: Threats from Salt Typhoon are ‘still very much ongoing’
A top FBI cyber official said Salt Typhoon, the Chinese cyber espionage group behind the widespread compromise of U.S. telecommunications infrastructure in 2024, continues to pose a broad threat to both America’s private and public sectors. Michael Machtinger, deputy assistant director for cyber intelligence at the FBI, touted improved partnerships between the telecommunications industry and…