Tag: china
-
UAT-8837 targets critical infrastructure sectors in North America
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-8837/
-
China bans U.S. and Israeli cybersecurity software over security concerns
China has told domestic firms to stop using U.S. and Israeli cybersecurity software, citing national security concerns amid rising tech tensions. Reuters reported that China has ordered domestic companies to stop using cybersecurity solutions from more than a dozen U.S. and Israeli firms, citing national security risks. Tensions remain high over China’s push in semiconductors…
-
Iran’s partial internet shutdown may be a windfall for cybersecurity intel
only available launchpads. A connection from the Ministry of Agriculture might not be a farmer. It’s likely a tunnel for a state actor who needs an exit node.” Ranjbar said the removal of the traffic from millions of routine Iranian business and residential users allows a powerful visibility into Iranian government traffic patterns, thereby allowing SOCs…
-
New China Linked VoidLink Linux Malware Targets Major Cloud Providers
Researchers have discovered VoidLink, a sophisticated new Linux malware framework designed to infiltrate AWS, Google Cloud, and Azure. Learn how this Chinese-affiliated toolkit uses adaptive stealth to stay hidden. First seen on hackread.com Jump to article: hackread.com/china-voidlink-linux-malware-cloud-providers/
-
Nvidia H200 to China: security measures, advance testing and further requirements
Nvidia is allowed to ship the H200 to China. Security measures, test series by third parties and other things are meant to prevent misuse. First seen on computerbase.de Jump to article: www.computerbase.de/news/wirtschaft/nvidia-h200-nach-china-sicherheitsmassnahmen-vorab-tests-und-mehr-auferlegt.95790
-
Taiwan Endures Greater Cyber Pressure From China
Chinese cyberattacks on Taiwan’s critical infrastructure, including energy utilities and hospitals, rose 6% in 2025, averaging 2.63 million attacks a day. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/taiwan-sees-greater-cyber-pressure-from-china
-
Lawmakers Urged to Let US Take on ‘Offensive’ Cyber Role
Analysts Warn Foreign Adversaries Gaining Footholds in US Networks. Cyber policy analysts told lawmakers that the United States’ cyber deterrence efforts are failing, allowing China and others to embed in critical infrastructure networks with minimal cost, while calling for faster, coordinated offensive actions across federal agencies. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/lawmakers-urged-to-let-us-take-on-offensive-cyber-role-a-30511
-
Analysis of VoidLink: A Cloud-Native Malware Threat Targeting Linux Systems
A sophisticated Linux malware framework, VoidLink, has been identified by Check Point Research, representing a significant escalation in threats targeting cloud-native environments. The advanced framework, developed by Chinese-affiliated developers, combines custom loaders, implants, rootkits, and over 30 modular plugins specifically engineered to maintain persistent access to Linux systems while evading detection through multiple layers of…
-
New Chinese-Made Malware Framework Targets Linux-Based Cloud Environments
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-malware-framework-linux/
-
Iran-linked MuddyWater APT deploys Rust-based implant in latest campaign
Rust offers evasion advantages: CloudSEK researchers said RustyWater was developed in Rust, which they said is increasingly used by malware authors for its memory safety features and cross-platform capabilities, according to the blog post. Other state-sponsored groups, including Russia’s Gossamer Bear and China-linked actors, have also deployed Rust-based malware in recent campaigns, according to security…
-
ValleyRAT_S2: Stealth Intrusions Aimed at Financial Data Exfiltration
A sophisticated second-stage malware payload known as ValleyRAT_S2 has emerged as a critical threat to organizations across Chinese-speaking regions, including mainland China, Hong Kong, Taiwan, and Southeast Asia. This Remote Access Trojan (RAT), written in C++, is a modular, highly evasive cyber-espionage tool designed to infiltrate systems, maintain persistent access, and extract sensitive financial and…
-
Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud
Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across Southeast Asia, creating special economic zones that are devoted to fraudulent investment First seen on thehackernews.com…
-
China-Nexus Actor UAT-7290 Caught Targeting Telecoms in South Asia and Europe
The post China-Nexus Actor UAT-7290 Caught Targeting Telecoms in South Asia and Europe appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/china-nexus-actor-uat-7290-caught-targeting-telecoms-in-south-asia-and-europe/
-
ICE Can Now Spy on Every Phone in Your Neighborhood
Plus: Iran shuts down its internet amid sweeping protests, an alleged scam boss gets extradited to China, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-ice-can-now-spy-on-every-phone-in-your-neighborhood/
-
Security News This Week: ICE Can Now Spy on Every Phone in Your Neighborhood
Plus: Iran shuts down its internet amid sweeping protests, an alleged scam boss gets extradited to China, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-ice-can-now-spy-on-every-phone-in-your-neighborhood/
-
Salt Typhoon Hackers Hit Congressional Emails in New Breach
Staff Working on China, Intel, Military Oversight Targeted in Espionage Operation. U.S. officials are probing a suspected Chinese cyber campaign tied to Salt Typhoon that breached congressional staff email systems supporting national security committees, exposing sensitive discussions and raising concerns about unclassified federal network defenses. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/salt-typhoon-hackers-hit-congressional-emails-in-new-breach-a-30484
-
China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines
Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024. Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage,…
-
China-linked cybercrims abused VMware ESXi zero-days a year before disclosure
Huntress analysis suggests VM escape bugs were already weaponized in the wild. First seen on theregister.com Jump to article: www.theregister.com/2026/01/09/china_esxi_zerodays/
-
$15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China
Billionaire Chen Zhi and associates Xu Ji Liang and Shao Ji Hui have been extradited to China. This exclusive report details the collapse of the Prince Group’s global scam network, the seizure of $15 billion in Bitcoin, and the forced labour camps behind the billion-dollar pig butchering fraud. First seen on hackread.com Jump to article:…
-
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets telecom providers; it conducts espionage by deeply embedding in victim networks and also operates Operational…
-
Chinese-speaking hackers exploited ESXi zero-days long before disclosure
Chinese-speaking attackers used a hacked SonicWall VPN to deploy ESXi zero-days that were likely exploited over a year before public disclosure. Chinese-speaking attackers were seen abusing a hacked SonicWall VPN to deliver a toolkit targeting VMware ESXi. The exploit chain included a sophisticated VM escape and appears to have been developed more than a year…
-
Cyber Retaliation Risks Rise After US-Venezuela Operation
CISA Warns of Retaliatory Cyber Action From Hostile State Actors After Venezuela. Federal cybersecurity officials are warning of a likely uptick in retaliatory cyber activity from China and Russia-linked threat actors after the U.S. military raid in Venezuela, urging infrastructure operators to brace for disruptive probing and attacks. First seen on govinfosecurity.com Jump to article:…
-
New China-linked hackers breach telcos using edge device exploits
A sophisticated threat actor that uses Linux-based malware to target telecommunications providers has recently broadened its operations to include organizations in Southeastern Europe. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-china-linked-hackers-breach-telcos-using-edge-device-exploits/
-
VMware ESXi zero-days likely exploited a year before disclosure
Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted vulnerabilities became publicly known. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vmware-esxi-zero-days-likely-exploited-a-year-before-disclosure/
-
Cryptohack Roundup: Alleged Fraud Kingpin Deported to China
Also: Unleash Protocol Hack, LastPass Breach Linked to Crypto Thefts. This week, an alleged fraud kingpin deported to China, Bitfinex hacker gained early release, Unleash Protocol’s $3.9M hack, TRM tied crypto thefts to the LastPass breach, Trust Wallet’s link to the Sha1-Hulud attack, Flow’s NFT loan fallout, Ledger’s data exposure and Kontigo reimbursements. First seen…

