Tag: china
-
Former Google Engineer Convicted of Stealing AI Secrets for China
A 38-year-old, also known as Leon Ding, was convicted on seven counts of economic espionage and seven counts of theft of trade secrets following an 11-day trial. First seen on hackread.com Jump to article: hackread.com/google-engineer-convict-steal-ai-secrets-china/
-
Former Google Engineer Convicted in AI Trade Secret Theft Case
A former Google engineer was convicted of stealing confidential AI trade secrets to support a China-based startup. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/former-google-engineer-convicted-in-ai-trade-secret-theft-case/
-
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware
Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets in Thailand and Vietnam. The scale of…
-
Green Light for Import (Update): China Grants Approval for Hundreds of Thousands of Nvidia H200
After some back and forth, China has now apparently approved the import of Nvidia H200. Large quantities are involved, which are now to be delivered. First seen on computerbase.de Jump to article: www.computerbase.de/news/wirtschaft/gruenes-licht-fuer-einfuhr-china-erteilt-freigabe-fuer-100-000nde-nvidia-h200.95940
-
Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup
A former Google engineer accused of stealing thousands of the company’s confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday. Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft of…
-
Chinese APTs Hacking Asian Orgs With High-End Malware
Advanced persistent threat (APT) groups have deployed new cyber weapons against a variety of targets, highlighting the increasing threats to the region. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-apts-asian-orgs-high-end-malware
-
US Sentences Chinese National for Role in $36.9 Million Crypto Scam
A Chinese national has been sentenced for his role in a massive $36.9 million cryptocurrency scam operated from… First seen on hackread.com Jump to article: hackread.com/us-sentences-chinese-man-crypto-scam/
-
Notorious Russia-based RAMP cybercrime forum apparently seized by FBI
RAMP was used by Russian, Chinese and English-speaking cybercriminals and particularly catered to ransomware groups and their affiliates. First seen on therecord.media Jump to article: therecord.media/notorious-russia-based-ramp-forum-seized
-
EU’s answer to CVE solves dependency issue, adds fragmentation risks
Tags: access, ai, china, cisco, cve, cyber, cybersecurity, data, dos, exploit, finance, governance, grc, infrastructure, intelligence, international, nvd, open-source, risk, service, software, threat, tool, vulnerability, vulnerability-management
Coordinated disclosure: Nik Kale, principal engineer and product architect at Cisco Systems, says GCVE’s main challenge comes from building a platform that the security community can rely on for coordinated disclosure and remediation. “Viability depends far more on governance than on the data itself,” Kale says. “That includes clear attribution rules, transparent CNA processes, predictable decision-making,…
-
Keir Starmer holds talks with Xi to bolster economic ties with China
PM is first UK leader to visit China in eight years and hopes to strengthen bond with superpower amid uncertainty over US alliance. Keir Starmer has met the Chinese leader Xi Jinping on Thursday for historic talks he hopes will deepen economic ties at a time when some inside government fear the US is no longer…
-
Months After Patch, WinRAR Bug Poised to Hit SMBs Hardest
Russian and Chinese nation-state attackers are exploiting a months-old WinRAR vulnerability, despite a patch that came out last July. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/months-after-patch-winrar-bug-poised-smbs-hardest
-
Keir Starmer to hold talks with Xi to bolster economic ties with China
PM is first UK leader to visit China in eight years and hopes to strengthen bond with superpower amid uncertainty over US alliance. Keir Starmer will meet the Chinese president Xi Jinping on Thursday for historic talks he hopes will deepen economic ties at a time when some inside government fear the US is no longer…
-
Everybody is WinRAR phishing, dropping RATs as fast as lightning
Russians, Chinese spies, run-of-the-mill crims … First seen on theregister.com Jump to article: www.theregister.com/2026/01/28/winrar_bug_under_attack/
-
China-Backed ‘PeckBirdy’ Takes Flight for Cross-Platform Attacks
In two separate campaigns, attackers used the JScript C2 framework to target Chinese gambling websites and Asian government entities with new backdoors. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/china-backed-peckbirdy-cross-platform-attacks
-
Chinese National Sentenced to 46 Months for Laundering Millions Stolen from U.S. Investors
A Chinese national has been sentenced to nearly four years in U.S. federal prison for laundering tens of millions of dollars stolen from American investors through a large-scale digital asset investment scam run from Southeast Asia. On Tuesday, Chinese citizen Jingliang Su received a 46-month prison sentence for his role in laundering more than $36.9…
-
Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks
Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to facilitate comprehensive data theft from infected endpoints. The activity has been attributed to Mustang Panda (aka Earth Preta, Fireant, HoneyMyte, Polaris, and Twill Typhoon) with the intrusions primarily directed against government…
-
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. “Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated First…
-
Chinese Money Launderers Drive Global Ecosystem Worth $82bn
Tags: china
Chainalysis claims Chinese money launderers now account for 20% of global activity First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-money-launderers-global/
-
Green Light for Import: China Grants Approval for Hundreds of Thousands of Nvidia H200
After some back and forth, China has now apparently approved the import of Nvidia H200. Large quantities are involved, which are now to be delivered. First seen on computerbase.de Jump to article: www.computerbase.de/news/wirtschaft/gruenes-licht-fuer-einfuhr-china-erteilt-freigabe-fuer-100-000nde-nvidia-h200.95940
-
Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor
The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and monitor the clipboard. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-mustang-panda-hackers-deploy-infostealers-via-coolclient-backdoor/
-
Chinese money launderers moved more than $16 billion of illicit crypto in 2025, report finds
In 2025, Chinese-language organizations laundered on average $44 million in illicit crypto each day, amounting to $16.1 billion. First seen on therecord.media Jump to article: therecord.media/chinese-money-launderers-moved-more-crypto-2025
-
PeckBirdy Framework Tied to China-Aligned Cyber Campaigns
PeckBirdy command-and-control framework targeting gambling, government sectors in Asia since 2023 has been linked to China-aligned APTs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/peckbirdy-framework-tied-china/
-
China-linked group accused of spying on phones of UK prime ministers’ aides for years
Reports say Salt Typhoon attackers accessed handsets of senior govt folk First seen on theregister.com Jump to article: www.theregister.com/2026/01/27/chinalinked_hackers_accused_of_yearslong/
-
Sysdig Discovers C2-Compiled Kernel Rootkits and New Stealth Mechanisms in the Linux Framework Voidlink
Sysdig has examined Voidlink, a Linux malware framework developed in China for targeted attacks on cloud environments. This in-depth technical analysis was preceded by Check Point Research's disclosure of Voidlink on January 13, 2026. In its own analysis, Sysdig was able to examine and deconstruct the loader chain, rootkit internals and control mechanisms in detail, including […]…
-
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple environments. The flexible framework has been put to use against Chinese gambling industries and malicious activities targeting Asian government entities and private organizations, according to Trend Micro First seen on…
-
Stealth in Script: “PeckBirdy” Framework Powers New Wave of China-Aligned Attacks
The post Stealth in Script: “PeckBirdy” Framework Powers New Wave of China-Aligned Attacks appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/stealth-in-script-peckbirdy-framework-powers-new-wave-of-china-aligned-attacks/
-
NDSS 2025 ERW-Radar
Tags: antivirus, china, conference, defense, detection, Internet, malicious, network, ransomware, software
Authors, Creators & Presenters: Lingbo Zhao (Institute of Information Engineering, Chinese Academy of Sciences), Yuhui Zhang (Institute of Information Engineering, Chinese Academy of Sciences), Zhilu Wang (Institute of Information Engineering, Chinese Academy of Sciences), Fengkai Yuan (Institute of Information Engineering, CAS), Rui Hou (Institute of Information Engineering, Chinese Academy of Sciences) PAPER ERW-Radar: An Adaptive…
-
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code
Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor covert functionality to siphon developer data to China-based servers. The extensions, which have 1.5 million combined installs and are still available for download from the official Visual Studio First seen on…
-
Microsoft handed over BitLocker keys to law enforcement, raising enterprise data control concerns
Tags: access, authentication, backup, breach, business, china, cloud, control, corporate, credentials, data, endpoint, governance, government, group, india, infrastructure, law, mfa, microsoft, risk, service, technology
Where most enterprises go wrong: Enterprises using BitLocker should treat the recovery keys as highly sensitive, and avoid default cloud backup unless there is a clear business requirement and the associated risks are well understood and mitigated. The safest configuration is to redirect those keys to on-premises Active Directory or a controlled enterprise key vault. Even…

