Tag: china
-
CISA urges critical infrastructure firms to ‘fortify’ before it’s too late
As concerns mount about potential cyber sabotage by the Chinese government, the U.S. is warning operators to practice maintaining services in a degraded state. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-ci-fortify-isolation-recovery-guidance/819317/
-
CISA urges critical infrastructure firms to ‘fortify’ now before it’s too late
As concerns mount about potential cyber sabotage by the Chinese government, the U.S. is warning infrastructure operators to practice maintaining services in a degraded state. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-ci-fortify-isolation-recovery-guidance/819317/
-
Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack
The cybersecurity company says it’s seen thousands of infection attempts, and at least a dozen successful hacks after users installed malicious versions of the popular Windows software. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/05/kaspersky-suspects-chinese-hackers-planted-a-backdoor-into-daemon-tools-in-widespread-attack/
-
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. The activity is being tracked by Cisco Talos under the moniker UAT-8302, with post-exploitation involving the deployment of custom-made malware families that have been…
-
ScarCruft Targets Gaming Platform With Windows, Android Backdoors
A sophisticated multiplatform supply-chain attack orchestrated by the North Korea-aligned APT group ScarCruft, targeting ethnic Koreans in China’s Yanbian region through a compromised gaming platform. The attack, believed to have been ongoing since late 2024, weaponized both Windows and Android components of sqgame[.]net, a video game platform that hosts traditional Yanbian-themed card and board games.…
-
Education Sector Hit by Espionage, Phishing, and Supply Chain Attacks
Educational institutions are now facing a coordinated mix of state espionage, spear-phishing, and supply chain intrusions, even as classic ransomware and vulnerability volumes show signs of easing. Every attributed campaign was linked to state actors, with no financially motivated groups observed. China-aligned clusters led by MISSION2074 dominate, with additional activity from Stone Panda, Hafnium, Lotus…
-
UAT-8302 and its box full of malware
Cisco Talos is disclosing UAT-8302, a sophisticated, China-nexus advanced persistent threat (APT) group targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-8302/
-
North Koreans Spy on Defectors Via Android Game Apps
Website Popular in Korean Ethnic Enclave in China Hosts Apps Laced With a Backdoor. A North Korean hacking group has been spying on a Korean ethnic enclave in China by infiltrating the Android apps of a regional gaming platform that hosts digital card and board games. Researchers attributed the supply-chain attack to a threat actor…
-
North Korean hackers trojanize gaming platform to spy on ethnic Koreans in China
A gaming platform built for ethnic Koreans in China has been serving backdoored Windows and Android software to its users since late 2024. The platform, sqgame[.]net, hosts … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/china-scarcruft-supply-chain-attack/
-
Europe Cuts Off Funding for Chinese Solar Inverters
Solar Energy Spurt Comes Freighted With Chinese Nation-State Hacking Worries. The European Commission froze funding for solar energy projects that use crucial components from Chinese companies such as Huawei, due to cybersecurity fears. The decision affects projects being funded by the European Investment Bank and other partner banks. First seen on govinfosecurity.com Jump to article:…
-
Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/silver-fox-tax-themed-attacks-india-russia
-
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The activity involved using phishing emails that mimic correspondence from the Income Tax Department of India in December 2025, followed by a similar campaign aimed at Russian entities. “Both waves…
-
276 Arrested as Authorities Dismantle Crypto Scam Centers Targeting Americans
In an unprecedented international law enforcement operation, authorities have dismantled at least nine overseas cryptocurrency scam centers, resulting in the arrest of 276 individuals. The coordinated effort, led by the FBI, Dubai Police, and the Chinese Ministry of Public Security, targeted transnational criminal networks running sophisticated “pig butchering” investment fraud schemes against American citizens. Threat…
-
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam centers used for cryptocurrency investment fraud schemes targeting Americans, resulting in millions of dollars in losses. The crackdown was led by the Dubai Police, under the United Arab Emirates (UAE) Ministry of Interior, in partnership with…
-
Salt Typhoon breach IBM subsidiary in Italy: a warning for Europe’s digital defenses
April 2026 breach at Sistemi Informativi (IBM Italy) raises concerns over Chinese-linked cyber ops in Europe, including Salt Typhoon. In late April 2026, the Italian cybersecurity landscape was shaken by a significant breach targeting Sistemi Informativi, a company wholly owned by IBM Italy that provides IT infrastructure management for key public and private institutions. The…
-
45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation
SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks. First seen on hackread.com Jump to article: hackread.com/45k-attacks-53k-backdoor-china-cybercrime-operation/
-
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO. Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to First seen…
-
China-Aligned Hackers Deploy ShadowPad in Multi-Stage Espionage Campaign
Tags: china, cyber, espionage, exploit, government, group, hacker, infrastructure, microsoft, threat, vulnerability
China-aligned threat actors tracked as SHADOW-EARTH-053 are exploiting old but unpatched Microsoft Exchange and IIS vulnerabilities to run a stealthy, multi-stage espionage campaign across Asian governments, critical infrastructure, and one NATO member state. The group primarily targets government entities and critical infrastructure in South, East, and Southeast Asia, with additional activity against at least one…
-
Breach Roundup: US Cyber Command Flags Election Threats
Also, HexDex Arrest, Black Axe Crackdown, LeRobot RCE Flaw. This week, election threats resurfaced. A prolific hacker arrested. Black Axe network disrupted. China-linked disinformation targets Tibet. Exploited ScreenConnect and Windows flaws raise alarms. Minecraft gamers hit with stealer malware. A critical AI framework bug enables remote code execution. First seen on govinfosecurity.com Jump to article:…
-
FBI: Chinese Hacker Extradition Sends a Global Message
Alleged Nation-State Hacker Being Held in Houston Jail. U.S. prosecutors allege 34-year-old Chinese national Xu Zewei operated under China’s Ministry of State Security to hack universities and firms during the pandemic, exploiting VPN and Exchange flaws and exfiltrating research data in a Silk Typhoon campaign. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fbi-chinese-hacker-extradition-sends-global-message-a-31561
-
FBI and International Agencies Shut Down Scam Centers, Arrest 276 People
The FBI and law enforcement from Dubai, Thailand, and China shut down nine scam centers and arrested 276 people in connection with crypto fraud operations that were used to target Americans and steal millions of dollars by convincing victims to invest money through seemingly legitimate but fake crypto platforms. First seen on securityboulevard.com Jump to…
-
Police dismantles 9 crypto scam centers, arrests 276 suspects
A joint international operation involving U.S. and Chinese authorities arrested at least 276 suspects and shut down nine cryptocurrency investment fraud centers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-dismantles-9-crypto-investment-scam-centers-arrests-276-suspects/
-
ODNI to CISOs on threat assessments: You’re on your own
Tags: access, ai, china, ciso, computer, control, credentials, cyber, cybercrime, data, defense, detection, disinformation, encryption, finance, framework, government, healthcare, identity, infrastructure, intelligence, iran, jobs, korea, metric, resilience, risk, russia, service, strategy, technology, theft, threat, tool, warfare
The bifurcated framework: Operational reporting vs. homeland focus: The report now operates on two distinct tracks that risk narrowing the threat horizon for CROs. In a departure from traditional probabilistic forecasting, the IC has transitioned toward active operational reporting. This shift prioritizes immediate success metrics, such as a significant drop in border encounters and fentanyl…
-
Researchers unearth industrial sabotage malware that predated Stuxnet by 5 years
fast16.sys, is briefly mentioned in the 2017 Shadow Brokers leak of documents covering exploits and tools used by US National Security Agency cyber teams. “This 2005 attack is a harbinger for sabotage operations targeting ultra expensive high-precision computing workloads of national importance like advanced physics, cryptographic, and nuclear research workloads,” the SentinelOne researchers said in their…

