China APT

Chinese Hackers Target Medical, Military, and AI Research in North America

China, China APT, espionage, Nation-State /

Chinese Hackers Target Medical, Military, and AI Research in North America 2026-06-15 at 17:07 By Eduard Kovacs Google’s Threat Intelligence Group has been tracking the cyberespionage group as UNC6508 since early 2025. The post Chinese Hackers Target Medical, Military, and AI Research in North America appeared first on SecurityWeek. This article is an excerpt from […]

Chinese Hackers Target Medical, Military, and AI Research in North America Read More »

Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns

China, China APT, Malware & Threats, Nation-State, Salt Typhoon, Twill Typhoon /

Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns 2026-05-14 at 18:25 By Ionut Arghire Salt Typhoon has hit an energy entity in Azerbaijan. Twill Typhoon has targeted Asian entities with an updated RAT. The post Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns appeared first on SecurityWeek. This article is an excerpt from

Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns Read More »

Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking

China, China APT, exploited, firewall, Nation-State, Palo Alto Networks, Vulnerabilities, Zero-Day /

Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking 2026-05-07 at 19:01 By Eduard Kovacs The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was.  The post Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking appeared first on SecurityWeek.

Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking Read More »

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

China APT, GopherWhisper, Malware & Threats, Nation-State /

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks 2026-04-25 at 14:57 By Ionut Arghire Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors. The post China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks Read More »

Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure

backdoor, BPFDoor, China APT, Malware, Nation-State, Telecom, telecoms /

Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure 2026-03-26 at 15:52 By Ionut Arghire The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage. The post Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure Read More »

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation

Asia, China, China APT, Featured, Military, Nation-State /

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation 2026-03-16 at 14:52 By Ionut Arghire The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months. The post China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation Read More »

Google Disrupts Chinese Cyberespionage Campaign Targeting Telecoms, Governments

China APT, cyberespionage, disrupted, espionage, GridTide, Malware, Malware & Threats, Nation-State, telecoms /

Google Disrupts Chinese Cyberespionage Campaign Targeting Telecoms, Governments 2026-02-25 at 18:01 By Eduard Kovacs The UNC2814 threat actor has been active since at least 2017, targeting organizations across 42 countries.  The post Google Disrupts Chinese Cyberespionage Campaign Targeting Telecoms, Governments appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Disrupts Chinese Cyberespionage Campaign Targeting Telecoms, Governments Read More »

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs

China APT, CISA KEV, exploited, Featured, Nation-State, supply chain attack, Taiwan, TeamT5, Vulnerabilities /

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs 2026-02-24 at 14:00 By Eduard Kovacs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog. The post Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs appeared first on SecurityWeek. This article is an

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs Read More »

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries

China, China APT, critical infrastructure, Government, Malware & Threats, Nation-State, rootkit, Shadow Campaigns /

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries 2026-02-05 at 13:02 By Eduard Kovacs Palo Alto Networks has not attributed the APT activity to any specific country, but evidence points to China. The post Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries appeared first on SecurityWeek. This article is an excerpt

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries Read More »

Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit

China APT, HoneyMyte, Malware, Malware & Threats, Mustang Panda, rootkit, ToneShell /

Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit 2025-12-30 at 12:25 By Ionut Arghire The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor. The post Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit Read More »

UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports

China, China APT, Cyberwarfare, espionage, Government, Nation-State, UK, UK Government /

UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports 2025-12-22 at 15:09 By Associated Press The British government is investigating a “cyber incident” following news reports that hackers linked to China have gained access to thousands of confidential documents. The post UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports appeared

UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports Read More »

Chinese APT ‘LongNosedGoblin’ Targeting Asian Governments

China, China APT, espionage, LongNosedGoblin, Malware & Threats, Nation-State /

Chinese APT ‘LongNosedGoblin’ Targeting Asian Governments 2025-12-19 at 16:42 By Ionut Arghire The hacking group has been using Group Policy to deploy cyberespionage tools on governmental networks. The post Chinese APT ‘LongNosedGoblin’ Targeting Asian Governments appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chinese APT ‘LongNosedGoblin’ Targeting Asian Governments Read More »

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear

China, China APT, Cisco, CVE-2025-20393, exploited, Malware & Threats, UAT-9686, Vulnerabilities, Zero-Day /

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear 2025-12-18 at 09:18 By Eduard Kovacs The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances. The post China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear Read More »

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery

China, China APT, exploited, Malware, Malware & Threats, React, React2Shell /

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery 2025-12-15 at 16:01 By Eduard Kovacs Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors. The post Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery Read More »

US Organizations Warned of Chinese Malware Used for Long-Term Persistence

BrickStorm, China APT, CISA, Malware, Malware & Threats, Nation-State, Warp Panda /

US Organizations Warned of Chinese Malware Used for Long-Term Persistence 2025-12-05 at 16:35 By Ionut Arghire Warp Panda has been using the BrickStorm, Junction, and GuestConduit malware in attacks against US organizations. The post US Organizations Warned of Chinese Malware Used for Long-Term Persistence appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

US Organizations Warned of Chinese Malware Used for Long-Term Persistence Read More »

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks

APT, BadAudio, China, China APT, Malware, Malware & Threats, Nation-State, supply chain /

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks 2025-11-21 at 13:46 By Ionut Arghire APT24 has been relying on various techniques to drop the BadAudio downloader and then deploy additional payloads. The post Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks Read More »

Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’

Asus, China APT, espionage, Nation-State, Network Security, Operation WrtHug, router /

Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’ 2025-11-20 at 15:31 By Ionut Arghire A Chinese threat actor is exploiting known vulnerabilities in discontinued Asus devices in an Operational Relay Box (ORB) facilitation campaign. The post Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’ appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’ Read More »

Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign

agentic AI, AI, Anthropic, Artificial Intelligence, China APT, Claude, espionage, Nation-State /

Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign 2025-11-14 at 10:30 By Ionut Arghire A state-sponsored threat actor manipulated Claude Code to execute cyberattacks on roughly 30 organizations worldwide. The post Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign Read More »

Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks

China APT, Featured, Malware, supply chain, Supply Chain Security /

Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks 2025-11-03 at 12:28 By Ionut Arghire PowerShell and .NET variants of the malware abuse AirWatch’s MDM API to establish a C&C communication channel. The post Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks Read More »

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks

China APT, Europe, exploited, LNK, Malware, Malware & Threats, Windows /

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks 2025-10-31 at 12:37 By Ionut Arghire The Windows shortcut vulnerability has been seen in attacks conducted by Mustang Panda to drop the PlugX malware. The post Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks Read More »

Scroll to Top