Tag: china
-
China-linked Mustang Panda deploys advanced SnakeDisk USB worm
China-linked APT group Mustang Panda has been spotted using a new USB worm called SnakeDisk along with a new version of known malware. China-linked APT group Mustang Panda (aka Hive0154, Camaro Dragon, RedDelta or Bronze President) has been spotted using an updated version of the TONESHELL backdoor and a previously undocumented USB worm called SnakeDisk. Mustang Panda has been active since…
-
China-Linked AI Pentest Tool ‘Villager’ Raises Concern After 10K Downloads
China-linked AI tool Villager, published on PyPI, automates cyberattacks and has got experts worried after 10,000 downloads in… First seen on hackread.com Jump to article: hackread.com/china-ai-pentest-tool-villager-10k-downloads/
-
Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs
The China-aligned threat actor known as Mustang Panda has been observed using an updated version of a backdoor called TONESHELL and a previously undocumented USB worm called SnakeDisk. “The worm only executes on devices with Thailand-based IP addresses and drops the Yokai backdoor,” IBM X-Force researchers Golo Mühr and Joshua Chung said in an analysis published…
-
SEO Poisoning Targets Chinese Users with Fake Software Sites
SEO poisoning attack has been observed targeting Chinese Windows users via lookalike domains, installing Hiddengh0st and Winos First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/seo-poisoning-targets-china/
-
China Imposes One-Hour Reporting Rule for Major Cybersecurity Incidents
China is ramping up its cybersecurity enforcement with new regulations requiring network operators to report severe cybersecurity incidents within one hour. The rules, announced by the Cyberspace Administration of China (CAC), will come into effect on November 1, 2025, and mark a significant escalation in how the country manages threats to its critical digital infrastructure.…
-
China turns the screws on Nvidia with antitrust probe
Chip giant accused of breaching conditions of $6.9B Mellanox takeover First seen on theregister.com Jump to article: www.theregister.com/2025/09/15/china_nvidia_antitrust/
-
AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Package Index (PyPI) repository, raising concerns that it could be repurposed by cybercriminals for malicious purposes. Dubbed Villager, the framework is assessed to be the work of Cyberspike, which has positioned the tools as a…
-
HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks
Chinese-speaking users are the target of a search engine optimization (SEO) poisoning campaign that uses fake software sites to distribute malware. “The attackers manipulated search rankings with SEO plugins and registered lookalike domains that closely mimicked legitimate software sites,” Fortinet FortiGuard Labs researcher Pei Han Liao said. “By using convincing language and small character First seen…
-
Over 500GB of Sensitive Great Firewall of China Data Leaked Online
A massive data breach has exposed the inner workings of China’s internet censorship system, with over 500GB of sensitive documents from the Great Firewall of China (GFW) leaked online on September 11, 2025. This represents the largest leak of internal GFW documents in history, providing unprecedented insight into China’s digital surveillance apparatus. Breach Origins The…
-
China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm
The post China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/china-aligned-hackers-unleash-upgraded-toneshell-and-new-usb-worm/
-
Cyber-scam camp operators shift operations to vulnerable countries as sanctions strike
PLUS: Japan woos Micron, again; China launches chip dumping probe; Mitsubishi expands opsec empire; and more! First seen on theregister.com Jump to article: www.theregister.com/2025/09/15/asia_tech_news_roundup/
-
Mustang Panda Uses SnakeDisk USB Worm and Toneshell Backdoor to Target Air-Gap Systems
IBM X-Force researchers have uncovered sophisticated new malware campaigns orchestrated by the China-aligned threat actor Hive0154, also known as Mustang Panda. The discovery includes an advanced Toneshell backdoor variant that evades detection systems and a novel USB worm called SnakeDisk specifically targeting Thailand-based devices. Enhanced Toneshell Backdoor Evades Detection The latest iteration of Toneshell, dubbed…
-
600 GB of Alleged Great Firewall of China Data Published in Largest Leak Yet
Hackers leaked 600 GB of data linked to the Great Firewall of China, exposing documents, code, and operations…. First seen on hackread.com Jump to article: hackread.com/great-firewall-of-china-data-published-largest-leak/
-
AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Security Attacks
Security researchers at Straiker’s AI Research (STAR) team have uncovered Villager, an AI-native penetration testing framework developed by Chinese-based group Cyberspike that has already accumulated over 10,000 downloads within two months of its release on the official Python Package Index (PyPI). The tool combines Kali Linux toolsets with DeepSeek AI models to fully automate penetration…
-
Jeffrey Epstein’s Yahoo Inbox Revealed
Plus: ICE deploys secretive phone surveillance tech, officials warn of Chinese surveillance tools in US highway infrastructure, and more. First seen on wired.com Jump to article: www.wired.com/story/jeffrey-epsteins-yahoo-inbox-revealed/
-
Philippine military company spied upon with new China-linked malware
Cybersecurity researchers examining an intrusion into the network of a Philippine military company found a “new and advanced malware toolset” that they linked to China. First seen on therecord.media Jump to article: therecord.media/philippines-military-company-suspected-china-espionage-eggstreme-malware
-
Chinese Guarantee Syndicates and the Fruit Machine
When I was speaking to a group of Bank Security people in New York City yesterday, I mentioned “machine rooms” — which are rooms full of Apple iPhones that are used to send iMessage phishing spam. Someone in the audience asked “Where would they get that many phones?” The kids like to use the acronym…
-
EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military
The post EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/eggstreme-new-fileless-malware-from-a-chinese-apt-targets-philippine-military/
-
How China’s Propaganda and Surveillance Systems Really Operate
A series of corporate leaks show that Chinese technology companies function far more like their Western peers than one might imagine. First seen on wired.com Jump to article: www.wired.com/story/made-in-china-how-chinas-surveillance-industry-actually-works/
-
AI-powered penetration tool, an attacker’s dream, downloaded 10K times in 2 months
Shady, China-based company, all the apps needed for a fully automated attack – sounds totally legit First seen on theregister.com Jump to article: www.theregister.com/2025/09/11/cobalt_strikes_ai_successor_downloaded/
-
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset
Bitdefender said the sophisticated multi-stage operation allowed attackers to maintain persistent access and steal sensitive data from a Philippines military company First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-apt-military-fileless/
-
EggStreme Malware Emerges With Fileless Techniques and DLL Sideloading Payloads
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads. The core component, EggStremeAgent, is a full-featured backdoor that enables extensive system reconnaissance, lateral movement, and data…
-
NASA bars Chinese citizens from its facilities, networks, even Zoom calls
You don’t need to be a rocket scientist to figure out the reasons why First seen on theregister.com Jump to article: www.theregister.com/2025/09/11/nasa_china_ban/
-
China’s ‘Typhoons’ changing the way FBI hunts sophisticated threats
Two major hacking groups have pushed the bureau to adapt how they respond to stealthier, more patient attacks, a top FBI official said. First seen on cyberscoop.com Jump to article: cyberscoop.com/chinas-typhoons-changing-the-way-fbi-hunts-sophisticated-threats/
-
Chinese Hackers Allegedly Pose as US Lawmaker
Chinese state-backed threat actors are suspected of posing as Michigan congressman John Moolenaar in a series of spearphishing attacks. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/chinese-hackers-allegedly-pose-us-lawmaker
-
Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware
Bitdefender uncovers EggStreme, a fileless malware by a China-based APT targeting the Philippine military and APAC organisations. Cybersecurity… First seen on hackread.com Jump to article: hackread.com/chinese-apt-philippine-military-eggstreme-fileless-malware/
-
Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems
An advanced persistent threat (APT) group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme. “This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads,” Bitdefender First seen on thehackernews.com Jump to…
-
Chinese companies and bosses to face major fines over cybersecurity incidents
A proposed update to China’s national Cybersecurity Law would give Beijing firmer oversight over tech products while increasing penalties for companies and executives that don’t meet requirements. First seen on therecord.media Jump to article: therecord.media/china-cybersecurity-law-update-penalties-companies-executives
-
Southeast Asian Scam Centers Face More Financial Sanctions
Firms cooperating with cybercrime syndicates in Burma and Cambodia face sanctions by the US government and enforcement actions by China, but the scams continue to grow. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/southeast-asian-scam-centers-financial-sanctions
-
China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations
The House Select Committee on China has formally issued an advisory warning of an “ongoing” series of highly targeted cyber espionage campaigns linked to the People’s Republic of China (PRC) amid contentious U.S.-China trade talks. “These campaigns seek to compromise organizations and individuals involved in U.S.-China trade policy and diplomacy, including U.S. government agencies, U.S. business…

