China

Group Policy abuse reveals China-aligned espionage group targeting governments

Group Policy abuse reveals China-aligned espionage group targeting governments 2025-12-18 at 13:42 By Anamarija Pogorelec ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim networks. The group, tracked as LongNosedGoblin, has targeted government institutions in Southeast Asia and Japan with […]

Group Policy abuse reveals China-aligned espionage group targeting governments Read More »

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear 2025-12-18 at 09:18 By Eduard Kovacs The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances. The post China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear Read More »

Cisco email security appliances rooted and backdoored via still unpatched zero-day

Cisco email security appliances rooted and backdoored via still unpatched zero-day 2025-12-17 at 21:47 By Zeljka Zorz A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November 2025, Cisco Talos researchers have shared. “Our analysis indicates that appliances with non-standard

Cisco email security appliances rooted and backdoored via still unpatched zero-day Read More »

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery 2025-12-15 at 16:01 By Eduard Kovacs Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors. The post Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery Read More »

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking 2025-12-12 at 12:53 By Eduard Kovacs Notepad++ found a vulnerability in the way the software updater authenticates update files.  The post Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking Read More »

UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare

UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare 2025-12-10 at 04:31 By Associated Press Britain and its allies face escalating “hybrid threats … designed to weaken critical national infrastructure, undermine our interests and interfere in our democracies.” The post UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign

UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare Read More »

Offensive cyber power is spreading fast and changing global security

Offensive cyber power is spreading fast and changing global security 2025-12-01 at 08:36 By Sinisa Markovic Offensive cyber activity has moved far beyond a handful of major powers. More governments now rely on digital operations to project influence during geopolitical tension, which raises new risks for organizations caught in the middle. A new policy brief

Offensive cyber power is spreading fast and changing global security Read More »

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks 2025-11-21 at 13:46 By Ionut Arghire APT24 has been relying on various techniques to drop the BadAudio downloader and then deploy additional payloads. The post Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks Read More »

Threat group reroutes software updates through hacked network gear

Threat group reroutes software updates through hacked network gear 2025-11-19 at 12:02 By Sinisa Markovic Sometimes an attack hides in the most ordinary corner of a network. ESET researchers say a China aligned threat group known as PlushDaemon has been quietly using hacked routers to steer software updates toward its own servers. The discovery shows

Threat group reroutes software updates through hacked network gear Read More »

MI5 Warns Lawmakers That Chinese Spies Are Trying to Reach Them via LinkedIn

MI5 Warns Lawmakers That Chinese Spies Are Trying to Reach Them via LinkedIn 2025-11-18 at 18:36 By Associated Press Britain’s domestic intelligence agency warned that Chinese nationals were ”using LinkedIn profiles to conduct outreach at scale” on behalf of the Chinese Ministry of State Security. The post MI5 Warns Lawmakers That Chinese Spies Are Trying

MI5 Warns Lawmakers That Chinese Spies Are Trying to Reach Them via LinkedIn Read More »

Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit  

Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit   2025-11-14 at 10:30 By Eduard Kovacs The cybercriminals informed customers that their cloud server was shut down due to complaints. The post Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit   appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit   Read More »

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks 2025-11-13 at 17:14 By Ionut Arghire Federal agencies have reported as ‘patched’ ASA or FTD devices running software versions vulnerable to attacks. The post CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks appeared first on SecurityWeek. This article is an excerpt

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks Read More »

China’s Cyber Silence is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says

China’s Cyber Silence is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says 2025-11-12 at 18:37 By Kevin Townsend NTT’s chief cybersecurity strategist Mihoko Matsubara on the new geopolitics of hacking, the “chicken and egg” problem of 5G, and the coming AGI threat to humanity. The post China’s Cyber Silence is More Worrying Than Russia’s

China’s Cyber Silence is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says Read More »

Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit

Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit 2025-11-12 at 15:02 By Eduard Kovacs Google is targeting the threat group known as Smishing Triad, which used over 194,000 malicious domains in a campaign.  The post Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit Read More »

Russia-linked hackers intensify attacks as global APT activity shifts

Russia-linked hackers intensify attacks as global APT activity shifts 2025-11-06 at 14:50 By Anamarija Pogorelec State-aligned hacking groups have spent the past six months ramping up espionage, sabotage, and cybercrime campaigns across multiple regions, according to ESET’s APT Activity Report covering April through September 2025. The research highlights how operations linked to Russia, China, Iran,

Russia-linked hackers intensify attacks as global APT activity shifts Read More »

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) 2025-10-31 at 17:09 By Zeljka Zorz A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited for attacks. “Arctic Wolf Labs assesses with high confidence that [the campaign they detected]

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) Read More »

Major US Telecom Backbone Firm Hacked by Nation-State Actors

Major US Telecom Backbone Firm Hacked by Nation-State Actors 2025-10-30 at 15:46 By Eduard Kovacs Ribbon Communications provides technology for communications networks and its customers include the US government and major telecom firms.  The post Major US Telecom Backbone Firm Hacked by Nation-State Actors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Major US Telecom Backbone Firm Hacked by Nation-State Actors Read More »

Sanctions won’t stop cyberattacks, but they can still “bite”

Sanctions won’t stop cyberattacks, but they can still “bite” 2025-10-29 at 16:58 By Zeljka Zorz Sanctions are one of the tools Western governments use when they want to hit back at state-sponsored cyber threat actors. But do they actually work? That’s the question a group of current and former cybersecurity officials, analysts, and researchers tackled

Sanctions won’t stop cyberattacks, but they can still “bite” Read More »

Massive China-Linked Smishing Campaign Leveraged 194,000 Domains

Massive China-Linked Smishing Campaign Leveraged 194,000 Domains 2025-10-27 at 16:57 By Ionut Arghire The malicious Smishing Triad domains were used to collect sensitive information, including Social Security numbers. The post Massive China-Linked Smishing Campaign Leveraged 194,000 Domains appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Massive China-Linked Smishing Campaign Leveraged 194,000 Domains Read More »

China Accuses US of Cyberattack on National Time Center

China Accuses US of Cyberattack on National Time Center 2025-10-20 at 03:58 By Associated Press The Ministry of State Security alleged that the NSA exploited vulnerabilities in the messaging services of a foreign mobile phone brand to steal sensitive information. The post China Accuses US of Cyberattack on National Time Center appeared first on SecurityWeek.

China Accuses US of Cyberattack on National Time Center Read More »

Scroll to Top