APT41
Also known as: Wicked Panda, Barium, Winnti, Double Dragon
Chinese state-linked group that runs both espionage and financially motivated cybercrime operations; known for software supply chain compromises.
Associated Intelligence
Chinese Hackers Target
A Chinese cyber-espionage campaign has been identified targeting telecommunications providers with new malware. The campaign affects Linux and Windows systems, potentially compromising sensitive data. Users are advised to monitor their systems for suspicious activity and update security software.
Chinese APTs Use Linux Backdoor
Chinese Advanced Persistent Threats (APTs) have been using a
China-Linked Hackers Use TencShell
A suspected China-linked threat actor has targeted the Indian branch of a global manufacturer using an open-source offensive toolkit. The attack leveraged the newly discovered
Palo Alto Zero-Day Exploited
Suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month, affecting Palo Alto Networks customers. Users are advised to apply the latest security patch to mitigate the vulnerability. Immediate action is recommended to prevent potential attacks.
Daemon Tools Trojanized
A China-linked threat actor has backdoored a version of Daemon Tools, potentially infecting thousands of users. Those who have downloaded the compromised version are at risk of malware infection. Users should immediately inspect their systems for signs of compromise and consider updating to a clean version of the software.
Chinese National Extradited for Cyberespionage
A Chinese national has been extradited to the US to face charges for alleged cyberespionage operations conducted on behalf of China's intelligence services. The individual is
GopherWhisper APT Targets Mongolia
A new China-linked APT group, GopherWhisper, has been discovered targeting government institutions in Mongolia using Go-based malware. The group's tools, including loaders and injectors, are used to deploy multiple backdoors. Affected organizations should monitor for suspicious activity and update security measures.
China-Linked APT GopherWhisper
A China-linked APT group, dubbed GopherWhisper, has been identified abusing legitimate services in targeted attacks on government entities. The group utilizes multiple Go-based backdoors, custom loaders, and injectors to carry out their operations. Affected organizations should review their security controls and monitor for suspicious activity.
UK Biobank Data Breach
A data breach at UK Biobank has resulted in the health records of approximately 500,000 volunteers being listed for sale on Chinese ecommerce platforms. The affected individuals are UK Biobank volunteers who provided health data for research purposes. Those affected should monitor their personal data and report any suspicious activity.
UK Biobank Data Leaked
US Cracks Down on AI Model Exploitation
The Trump administration has announced plans to crack down on foreign companies exploiting US-developed artificial intelligence models. This move is expected to impact Chinese companies in particular. Affected organizations should review their AI model usage and ensure compliance with US regulations.
Chinese APT Spies on Mongolia via Cloud Tools
A Chinese APT group has been using multiple cloud-based tools to spy on Mongolia, leveraging platforms such as Microsoft Outlook, Slack, and Discord for command and control. The group's tactics allow for flexible and covert online espionage. Users of these platforms, particularly those with ties to Mongolia, should exercise caution and
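The entry above describes command and control routed through legitimate collaboration platforms (Outlook, Slack, Discord). The block below is an added example, not code from the original page or from any vendor report: it parses constructed proxy-log lines and flags two things a defender would look for when C2 hides in allowed services, a platform domain contacted by a process that is not its expected client, and a flow whose request intervals are suspiciously regular (beaconing). The log format, host names, process names and the expected-client mapping are all assumptions made for the example.

```python
"""Spot C2 hiding in legitimate collaboration platforms.

Added example. Input is constructed proxy-log text (not from any real
incident) in the assumed form: "<ISO timestamp> <host> <process> <dest FQDN>".
"""
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample log: svchost.exe talks to discord.com every 30 seconds,
# which is neither an expected Discord client nor a human-looking pattern.
SAMPLE_LOG = """\
2024-05-01T08:00:00 ws07 slack.exe slack.com
2024-05-01T08:00:05 ws07 svchost.exe discord.com
2024-05-01T08:00:35 ws07 svchost.exe discord.com
2024-05-01T08:01:05 ws07 svchost.exe discord.com
2024-05-01T08:01:35 ws07 svchost.exe discord.com
2024-05-01T08:03:12 ws07 outlook.exe outlook.office365.com
2024-05-01T08:05:44 ws07 chrome.exe discord.com
2024-05-01T08:15:23 ws07 chrome.exe discord.com
"""

# Assumed mapping: platform domain -> binaries expected to talk to it.
BROWSERS = {"chrome.exe", "firefox.exe", "msedge.exe"}
EXPECTED_CLIENTS = {
    "slack.com": {"slack.exe"} | BROWSERS,
    "discord.com": {"discord.exe"} | BROWSERS,
    "outlook.office365.com": {"outlook.exe"} | BROWSERS,
}

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+)$")


def parse(log):
    """Parse log text into (timestamp, host, process, destination) tuples."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than failing the whole run
        ts, host, proc, dest = m.groups()
        events.append((datetime.fromisoformat(ts), host, proc, dest))
    return events


def unexpected_clients(events):
    """(host, process, dest) where a monitored platform is reached by a
    process that is not one of its expected clients."""
    hits = set()
    for _, host, proc, dest in events:
        expected = EXPECTED_CLIENTS.get(dest)
        if expected is not None and proc not in expected:
            hits.add((host, proc, dest))
    return sorted(hits)


def beaconing(events, min_hits=4, max_cv=0.2):
    """(host, process, dest, mean_interval_s) for flows whose gaps between
    requests are nearly constant: coefficient of variation <= max_cv."""
    flows = defaultdict(list)
    for ts, host, proc, dest in events:
        flows[(host, proc, dest)].append(ts)
    out = []
    for key, times in flows.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        m = mean(gaps)
        if m > 0 and pstdev(gaps) / m <= max_cv:
            out.append((*key, m))
    return out


if __name__ == "__main__":
    evs = parse(SAMPLE_LOG)
    print("unexpected clients:", unexpected_clients(evs))
    print("beaconing flows:", beaconing(evs))
```

Both checks are deliberately weak on their own (a browser can beacon, a new client binary can be legitimate); the value is in the intersection, a non-client process that also beacons, which is what the constructed svchost.exe flow triggers.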
Chinese Firm Claims AI Hacking Success
360 Digital Security Group claims to have discovered 1,000 vulnerabilities using AI, some of them demonstrated at the Tianfu Cup hacking contest. This development may impact a wide range of software and systems, potentially affecting numerous organizations. Users should monitor the situation for further updates and potential patches.
China-Linked Covert Networks
The UK's National Cyber Security Centre (NCSC) warns of China-nexus covert networks
China-Linked Covert Networks
The UK's National Cyber Security Centre (NCSC) warns of a shift in
China-Nexus Covert Networks
China-nexus cyber actors have shifted their
Chinese Smart Home Devices Pose Spy Risk
Researchers have discovered that certain cheap Chinese smart home devices, including cameras, may be concealing a shadow supply chain of shell companies, firmware flaws, and foreign
UK Faces Sophisticated Cyber Threats
The UK National Cyber Security Centre (NCSC) warns of highly sophisticated state-sponsored cyberattacks from Chinese intelligence and military agencies, posing a significant threat to Britain's cyber defenses. These attacks are not limited to financial gain, but also aim to cause harm and disrupt critical infrastructure. Organizations are advised to reassess their cybersecurity measures and avoid relying solely on the cheapest contractors.
China Spies on Indian Banks
A Chinese advanced persistent threat (APT) group has been targeting Indian banks and Korean policy circles, employing relatively unsophisticated tactics, techniques, and procedures (TTPs). The group's motivations and goals are unclear, but the attacks may indicate a broader interest in regional financial and geopolitical affairs. Affected organizations should review their security controls and monitor for suspicious activity.
China-linked hackers steal cloud credentials
China-aligned hackers have deployed a Linux ELF backdoor to steal cloud credentials from workloads across major cloud environments, including AWS, GCP, Azure, and Alibaba Cloud. The campaign, attributed to APT41, targets sensitive cloud credentials, including IAM role credentials and service account tokens. Users are advised to monitor their cloud environments for anomalous use of role credentials and service account tokens, rotate any credentials that may have been exposed, and restrict which processes on a workload can reach credential material.
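The entry above does not say how the backdoor collects credentials. The block below is an added example, not code from the original page or from any report on this campaign; it assumes the two places a Linux workload usually exposes such material, credential files on disk and the instance metadata service that hands out role and service-account credentials (AWS, Azure, GCP and Alibaba Cloud endpoints listed in the code), and flags accesses to them from processes outside an assumed allowlist. It also flags AWS metadata credential requests that carry no IMDSv2 session token, since enforcing IMDSv2 is the usual hardening against SSRF-style or process-level theft of role credentials. The event shape, the sample events and the allowlist are constructed for the example.

```python
"""Flag cloud-credential collection on a Linux workload.

Added example. Events are constructed audit-style records of the assumed form
{"proc": str, "kind": "file" | "http", "target": path or URL, "headers": {...}}.
"""
from urllib.parse import urlsplit

# Well-known on-disk credential locations (matched as path fragments).
CREDENTIAL_FILE_MARKERS = (
    "/.aws/credentials",
    "/.config/gcloud/",
    "/.azure/",
    "/.aliyun/",
    "/.kube/config",
    "/var/run/secrets/kubernetes.io/serviceaccount/token",
)

# Instance-metadata paths that return short-lived credentials: (host, path prefix) -> provider.
METADATA_CREDENTIAL_PATHS = {
    ("169.254.169.254", "/latest/meta-data/iam/security-credentials"): "aws",
    ("169.254.169.254", "/metadata/identity/oauth2/token"): "azure",
    ("metadata.google.internal", "/computeMetadata/v1/instance/service-accounts"): "gcp",
    ("100.100.100.200", "/latest/meta-data/ram/security-credentials"): "alibaba",
}
AWS_IMDSV2_TOKEN_HEADER = "x-aws-ec2-metadata-token"

# Assumed allowlist: processes expected to touch credentials on this host.
ALLOWED_PROCS = {"aws", "gcloud", "az", "aliyun", "kubelet", "amazon-ssm-agent"}

# Constructed sample events (not from any real incident).
SAMPLE_EVENTS = [
    {"proc": "aws", "kind": "http",
     "target": "http://169.254.169.254/latest/meta-data/iam/security-credentials/app-role",
     "headers": {"X-aws-ec2-metadata-token": "AQAEA..."}},
    {"proc": "python3", "kind": "http",
     "target": "http://169.254.169.254/latest/meta-data/iam/security-credentials/app-role",
     "headers": {}},
    {"proc": "cron", "kind": "file", "target": "/etc/crontab"},
    {"proc": "sshd-helper", "kind": "file",
     "target": "/root/.config/gcloud/application_default_credentials.json"},
    {"proc": "kubelet", "kind": "file",
     "target": "/var/run/secrets/kubernetes.io/serviceaccount/token"},
    {"proc": "curl", "kind": "http",
     "target": "http://100.100.100.200/latest/meta-data/ram/security-credentials/",
     "headers": {}},
    {"proc": "az", "kind": "http",
     "target": "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01",
     "headers": {"Metadata": "true"}},
]


def metadata_provider(url):
    """Return the provider whose credential endpoint `url` addresses, else None."""
    parts = urlsplit(url)
    for (host, prefix), provider in METADATA_CREDENTIAL_PATHS.items():
        if parts.hostname == host and parts.path.startswith(prefix):
            return provider
    return None


def scan(events):
    """Return (severity, what, proc, target) findings for the given events."""
    findings = []
    for ev in events:
        proc, kind, target = ev["proc"], ev["kind"], ev["target"]
        headers = {k.lower(): v for k, v in ev.get("headers", {}).items()}
        if kind == "file":
            if any(m in target for m in CREDENTIAL_FILE_MARKERS) and proc not in ALLOWED_PROCS:
                findings.append(("high", "credential-file", proc, target))
        elif kind == "http":
            provider = metadata_provider(target)
            if provider is None:
                continue
            if proc not in ALLOWED_PROCS:
                findings.append(("high", f"{provider}-metadata-credentials", proc, target))
            # IMDSv1 request: no session token header, so any local process (or an
            # SSRF reaching the endpoint) can pull role credentials.
            if provider == "aws" and AWS_IMDSV2_TOKEN_HEADER not in headers:
                findings.append(("medium", "aws-imdsv1-no-session-token", proc, target))
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(*f)
```

On the constructed input the scan yields three high findings (python3 and curl hitting the AWS and Alibaba credential endpoints, an unknown process reading a gcloud credential file) and one medium finding for the tokenless AWS request. In practice the event source would be auditd, eBPF or the cloud provider's flow logs, and the allowlist would be derived from the workload's known agents.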