Tag: china
-
China’s cyber capabilities now equal to the US, warns Dutch intelligence
Dutch intelligence says the threat from Beijing is now largely going unmet and is so sophisticated its operations are regularly missed by intelligence agencies and cybersecurity defenders. First seen on therecord.media Jump to article: therecord.media/china-cyber-capabilities-match-us-dutch-intel-says
-
Nation-states want to cause harm, not just steal cash – stop handing your cyber defenses to the cheapest contractor
NCSC boss says China’s whole-of-state cyber machine has become Britain’s peer competitor in cyberspace First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/ncsc_chinas_cyberattacks_uk/
-
Timor-Leste parliament questions president over proposed resort’s links to ‘scam’ empire
Jose Ramos-Horta urged by opposition to explain diplomatic passport given to businessman behind resort project, who denies any involvement with organised crime. Timor-Leste’s opposition has questioned how foreign investors in a proposed cryptocurrency resort obtained prime beachfront real estate in the country’s capital, and has called on the president to explain why he issued a diplomatic…
-
Chinese APT Targets Indian Banks, Korean Policy Circles
China is spying on India’s financial sector, for some reason, and it’s not putting much effort into it, judging by some stale TTPs. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-apt-indian-banks-korean-policy
-
Iran claims US used backdoors to knock out networking equipment during war
And China is loving it First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/iran_claims_us_used_backdoors/
-
China’s Apple App Store infiltrated by crypto-stealing wallet apps
A set of 26 malicious apps on Apple App Store impersonate popular wallets, such as Metamask, Coinbase, Trust Wallet, and OneKey, to steal recovery or seed phrases and drain them of cryptocurrency assets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinas-apple-app-store-infiltrated-by-crypto-stealing-wallet-apps/
-
The Weird, Twisting Tale of How China Spied on Alysa Liu and Her Dad
Tags: china
Years before the figure skater became an Olympic superstar, a Chinese operative tried to stalk her father and monitored other US residents deemed dissidents against China. And that’s just the beginning. First seen on wired.com Jump to article: www.wired.com/story/the-weird-twisting-tale-of-how-china-spied-on-alysa-liu-and-her-dad/
-
Breach Roundup: Mr. Raccoon Wants Your Password
Tags: breach, china, data, data-breach, flaw, fortinet, healthcare, leak, password, phishing, ransomware, scam
Also, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing Takedown. This week, a Raccoon-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-mr-raccoon-wants-your-password-a-31450
-
State-sponsored threats: Different objectives, similar access paths
A look at 2025 state-sponsored threats, exploring how actors linked to China, Russia, North Korea, and Iran use vulnerabilities, identity, and trusted access paths to achieve their goals. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/state-sponsored-threats-different-objectives-similar-access-paths/
-
China-linked cloud credential heist runs on typos and SMTP
Typosquatting for cloud-native espionage: The campaign relies heavily on deception, the researchers pointed out, using C2 domains closely resembling legitimate Alibaba Cloud services. The typosquatting approach allows malicious traffic to blend into routine cloud operations, specifically in environments where outbound filtering is absent. The implant used is an obfuscated ELF binary, with an executable designed for…
-
Cyber Inspector: Hybrid attacks continue to increase
Germany is in the crosshairs of state-sponsored hackers. Hybrid attacks on critical infrastructure in Germany and on Bundeswehr troops abroad continue to increase. A noticeable rise has been recorded since 2022 at the latest, said the Bundeswehr Inspector of the Cyber and Information Domain Service, Vice Admiral Thomas Daum, at a press event at the NATO cyber defence exercise «Locked Shields» in Kalkar on the Lower Rhine. Cyber attacks against the Bundeswehr were directed at data centres in…
-
APT41 Targets Linux Cloud Servers With New Winnti Backdoor
A previously undocumented Linux backdoor attributed to China-linked threat group APT41 (Winnti) has been uncovered, targeting cloud workloads across AWS, GCP, Azure, and Alibaba Cloud. The ELF-based implant, currently showing zero detections on VirusTotal, transforms Linux servers into stealthy credential theft nodes using a novel SMTP-based command-and-control (C2) mechanism. The discovery indicates a new phase in APT41’s Linux and cloud-targeted…
-
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which carries a CVSS score of 9.4 out of 10.0. It relates to a case of unrestricted file upload that stems from improper validation of First…
-
APT41 Delivers ‘Zero-Detection’ Backdoor to Harvest Cloud Credentials
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/apt41-zero-detection-backdoor-harvest-cloud-credentials
-
Red Hat RHELocates its Chinese engineering team to India
Hundreds of layoffs, but this smells of geopolitics, not downsizing First seen on theregister.com Jump to article: www.theregister.com/2026/04/10/red_hat_ends_china_engineering/
-
Alleged 10 Petabyte Data Theft From China’s Tianjin Supercomputing Hub
Hacker claims a 10 petabyte data theft from China’s Tianjin Supercomputing Center, raising concerns over exposed defense-related data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/alleged-10-petabyte-data-theft-from-chinas-tianjin-supercomputing-hub/
-
Why is the timeline to quantum-proof everything constantly shrinking?
Experts say advancements in hardware, mathematics and growing fear of Chinese scientific breakthroughs are pushing Google and others to call for speedier migration. First seen on cyberscoop.com Jump to article: cyberscoop.com/quantum-computing-industry-timeline-threat-accelerating/
-
Trump’s Proposed $707 Million CISA Budget Cut a ‘Gift to Nation-State Actors’
The Trump Administration wants to strip $707 million from CISA as it looks to narrow the scope of the security agency, but cybersecurity experts are saying that such cuts are a strategic mistake at a time when threat groups linked to China, Iran, and other nation-states are increasingly targeting U.S. critical infrastructure. First seen on…
-
The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences
A hacker allegedly stole 10+ PB of sensitive military and aerospace data from China’s National Supercomputing Center, risking national security. A massive alleged breach has hit China’s National Supercomputing Center (NSCC) in Tianjin. A hacker claims to have exfiltrated over 10 petabytes of highly sensitive data, including military, aerospace, and missile-related information. The facility supports…
-
China’s Tianjin Supercomputer Center Allegedly Hit in 10-Petabyte Data Theft
A threat actor has allegedly executed one of the largest data heists in China’s history, siphoning an astounding 10 petabytes of highly classified information from the National Supercomputing Center (NSCC) in Tianjin. The stolen dataset reportedly includes sensitive defense documents, missile schematics, and advanced aerospace research. The Tianjin center serves as a centralized infrastructure hub…
-
Silver Fox Campaign Spreads ValleyRAT via Fake Chinese Telegram Language Pack
New analysis of a fake Telegram installer uploaded to MalwareBazaar shows Silver Fox expanding its ValleyRAT operations with a fresh delivery chain that hides behind a Chinese-language pack-decoy and an uncommon ZPAQ-based packer. The MSI is a WiX-built installer (IssueAccentRequest, 4.49 MB) that runs a VBScript custom action as SYSTEM immediately after file extraction, while…
-
France Limits Chinese-Made Solar Energy Components
Paris Backs Protectionism and Cybersecurity Requirements to Keep Out Chinese Firms. France is saying non to Chinese photovoltaic components through a mix of protectionism and cybersecurity requirements as it readies a government-backed program of new solar energy projects. Chinese cybersecurity laws require firms to share key information and generally cooperate with Beijing. First seen on…
-
New FBI Warning: Chinese Apps Could Expose User Data
The FBI is warning Americans about data security risks tied to foreign-developed mobile apps, especially those linked to China. The post New FBI Warning: Chinese Apps Could Expose User Data appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-fbi-warns-foreign-apps-data-security-risks/
-
Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa
Tags: access, attack, breach, china, data, data-breach, exploit, flaw, group, network, ransomware, theft, update, vulnerability
China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially driven ransomware attacks by exploiting newly disclosed vulnerabilities before organizations patch them. The group targets exposed systems and quickly moves from initial access to data theft and Medusa ransomware deployment,…
-
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate “high-velocity” attacks and break into susceptible internet-facing systems. “The threat actor’s high operational tempo and proficiency in identifying exposed perimeter assets have proven successful, with recent First seen on thehackernews.com Jump…
-
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-links-medusa-ransomware-affiliate-to-zero-day-attacks/
-
6 ways attackers abuse AI services to hack your business
Tags: ai, api, attack, backdoor, breach, business, ceo, china, control, cve, cyber, cybercrime, cybersecurity, data, email, espionage, exploit, framework, group, hacking, injection, leak, LLM, malicious, malware, marketplace, microsoft, monitoring, open-source, openai, service, skills, software, startup, supply-chain, threat, tool, vulnerability
Abusing AI platforms as covert C2 channels: Cybercriminals are also abusing AI platforms as covert command-and-control (C2) channels by turning AI services into proxies that hide malicious traffic inside the flow of legitimate content. Instead of running a dedicated C2 server, malware is programmed to fetch commands and exfiltrate data through AI services, circumventing traditional security…