The Hacker News1d
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
UNC3886 exploits Juniper routers with six TinyShell-based backdoors, evading detection and maintaining persistence.
The Badbox botnet is back, powered by up to a million backdoored Androids
Best not to buy cheap hardware and use third-party app stores if you want to stay clear of this vast ad fraud effort ...
Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks
US government agencies announced Wednesday criminal charges against alleged members of China's Silk Typhoon gang, plus ...
Cybernews9d
Dozen China-backed US Treasury hackers indicted by US disrupting years-long cyber campaign
US indicts a dozen China-backed “hackers-for-hire” responsible for US Treasury hack in years-long spy campaign ...
Justice Department indicts Chinese officials and contractors over cyber intrusion campaign
The U.S. Department of Justice has charged 12 Chinese nationals, including officers of China’s Ministry of Public Security ...
Tech Xplore9d
Chinese hackers indicted in US for Treasury breach, other attacks
Twelve Chinese nationals, including two public security ministry officers, have been indicted for a series of hacking attacks ...
US charges Chinese hackers linked to critical infrastructure breaches
The US Justice Department has charged Chinese state security officers along with APT27 and i-Soon hackers for network ...
CSO Online9d
Chinese cyber espionage growing across all industry sectors
New and expanding China-backed threat groups are pushing a broader cyber strategy, likely with eventual reunification with ...
The Record22d
China-linked hackers target European healthcare orgs in suspected espionage campaign
The hackers, dubbed Green Nailao, deployed ShadowPad and PlugX malware, both commonly associated with Chinese cyberespionage groups, as well as a previously undocumented ransomware strain called ...
Bleeping Computer22d
New NailaoLocker ransomware used against EU healthcare orgs
The attacks exploited CVE-2024-24919, a Check Point Security Gateway vulnerability, to gain access to targeted networks and deploy the ShadowPad and PlugX malware, two families tightly associated ...
Ars Technica29d
Financially motivated hackers are helping their espionage counterparts and vice versa
The toolset, first spotted in July, was a variant of PlugX, a custom backdoor. Timestamps in the toolset were identical to those found by security firm Palo Alto Network in the Thor PlugX variant ...
CSOonline1mon
Unusual attack linked to Chinese APT group combines espionage and ransomware
The particular PlugX variant, or plug-in, that was observed together with ransomware by Symantec, has previously been linked by researchers from Palo Alto Networks and Trend Micro to a Chinese APT ...