Tag: china
-
CISA warns of latest Ivanti firewall bug being exploited by suspected Chinese hackers
in SecurityNews
Researchers attributed exploitation of the vulnerability to a suspected China-based cyberespionage group tracked as UNC5221. First seen on therecord.media Jump to article: therecord.media/cisa-ivanti-firewall-bug-exploitation
-
Chinese Hackers Exploit Ivanti VPN Vulnerability to Deliver Malware Payloads
in SecurityNews
Ivanti disclosed a critical security vulnerability, CVE-2025-22457, affecting its Connect Secure (ICS) VPN appliances, particularly versions 22.7R2.5 and earlier. This buffer overflow vulnerability enables attackers to achieve remote code execution when exploited successfully. Security researchers from Mandiant and Ivanti have confirmed active exploitation of this vulnerability in the wild, targeting ICS 9.X (end-of-life) and earlier…
-
China-Linked Threat Group Exploits Ivanti Bug
The vendor had originally assessed the flaw as low risk but now says it is a critical issue that enables remote code execution. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/china-linked-threat-group-exploits-ivanti-bug
-
Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw
in SecurityNews
Tags: china, espionage, exploit, flaw, hacker, ivanti, mandiant, remote-code-execution, vulnerability
Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-state-hackers-ivanti-flaw/
-
China-backed espionage group hits Ivanti customers again
in SecurityNews
UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant. First seen on cyberscoop.com Jump to article: cyberscoop.com/china-espionage-group-ivanti-vulnerability-exploits/
-
China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March
in SecurityNews
Tags: china, exploit, flaw, group, ivanti, remote-code-execution, threat, update, vulnerability, zero-day
Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457. The vulnerability has been exploited by a China-linked threat actor since at least mid-March 2025. Ivanti did not disclose…
-
Suspected Chinese spies right now hijacking buggy Ivanti gear for third time in 3 years
in SecurityNews
Simple denial-of-service blunder turned out to be a remote unauth code exec disaster. First seen on theregister.com Jump to article: www.theregister.com/2025/04/03/suspected_chines_snoops_hijacked_buggy/
-
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
in SecurityNews
A suspected Chinese APT group has exploited CVE-2025-22457, a buffer overflow bug that was previously thought not to be exploitable, to compromise appliances … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/03/ivanti-vpn-customers-targeted-via-unrecognized-rce-vulnerability-cve-2025-22457/
-
Ivanti patches Connect Secure zero-day exploited since mid-March
in SecurityNews
Tags: china, espionage, exploit, ivanti, malware, remote-code-execution, update, vulnerability, zero-day
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
in SecurityNews
Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/
-
App Stores OK’ed VPNs Run by China PLA
in SecurityNews
Bad Apple: Chinese firm banned by the U.S. is the shady entity behind a clutch of free VPN apps, with over a million downloads. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/app-stores-oked-vpns-run-by-china-pla/
-
Experts Warn Congress Another Salt Typhoon Attack Is Coming
in SecurityNews
Chinese Hackers Are Pre-Positioned, and Top Officials Could Be Making Matters Worse. Experts told lawmakers on Wednesday that without urgent federal action to strengthen cyber defenses and additional efforts to improve the cybersecurity practices of some of the highest ranking government officials, another Salt Typhoon attack could be just around the corner. First seen on…
-
Tackling Chinese cyber threats should be US priority, says ex-NSA head
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/tackling-chinese-cyber-threats-should-be-us-priority-says-ex-nsa-head
-
Latin America targeted with Chinese malware, says Joint Chiefs chair nominee
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/latin-america-targeted-with-chinese-malware-says-joint-chiefs-chair-nominee
-
Asia-Pacific, Latin America subjected to Chinese cyberespionage attacks
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/asia-pacific-latin-america-subjected-to-chinese-cyberespionage-attacks
-
Latest Ivanti bug, paired with malware, earns an alert from CISA
in SecurityNews
A recent alert from CISA builds on previous research about a vulnerability in Ivanti products that China-linked hackers have used to insert malware into networks. First seen on therecord.media Jump to article: therecord.media/cisa-alert-ivanti-bug-resurge-malware
-
Surge in Smishing Fueled by Lucid PhaaS Platform
Chinese-Speaking Operators Have Made Lucid a ‘Primary Source’ of Phishing. Security researchers say they expect a surge this year in text message smishing fueled by a phishing-as-a-service platform operated by Chinese-speaking threat actors. Lucid already is a primary source of phishing campaigns targeting users in Europe, the United Kingdom and the United States. First seen…
-
Cybersecurity Professor Faced China-Funding Inquiry Before Disappearing, Sources Say
in SecurityNews
A lawyer for Xiaofeng Wang and his wife says they are “safe” after FBI searches of their homes and Wang’s sudden dismissal from Indiana University, where he taught for over 20 years. First seen on wired.com Jump to article: www.wired.com/story/xiaofeng-wang-indiana-university-research-probe-china/
-
China’s FamousSparrow APT Hits Americas with SparrowDoor Malware
in SecurityNews
China-linked APT group FamousSparrow hits targets in the Americas using upgraded SparrowDoor malware in new cyberespionage campaign, ESET reports. First seen on hackread.com Jump to article: hackread.com/china-famoussparrow-apt-americas-sparrowdoor-malware/
-
Unitree Go1: Dangerous backdoor discovered in popular robot dog
in SecurityNews
A robot dog from China could be remotely controlled using a specific API key, with considerable risks for people nearby. First seen on golem.de Jump to article: www.golem.de/news/unitree-go1-gefaehrliche-backdoor-in-populaerem-roboterhund-entdeckt-2504-194933.html
-
Cybercom discovered Chinese malware in South American nations, Joint Chiefs chairman nominee
in SecurityNews
So-called hunt forward operations by U.S. Cyber Command have uncovered Chinese malware implanted in Latin American nations, according to retired Lt. Gen. Dan “Razin” Caine. First seen on defensescoop.com Jump to article: defensescoop.com/2025/04/01/cybercom-chinese-malware-south-america-dan-caine-joint-chiefs-trump/
-
Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs
An undocumented remote access backdoor in the Unitree Go1 Robot Dog allows remote control over the tunnel network and use of the vision cameras to see through their eyes. The post Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/undocumented-remote-access-backdoor-found-in-unitree-go1-robot-dog/
-
Exclusive: Gen. Paul Nakasone says China is now our biggest cyber threat
in SecurityNews
More than a year away from leading the NSA and Cyber Command, Paul Nakasone told the Click Here podcast that they could ask him anything. So they did. About China, AI, DOGE and more. First seen on therecord.media Jump to article: therecord.media/nakasone-interview-china-ai-deepseek-doge
-
China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions
in SecurityNews
Cybersecurity researchers have shed light on a new China-linked threat actor called Earth Alux that has targeted various key sectors such as government, technology, logistics, manufacturing, telecommunications, IT services, and retail in the Asia-Pacific (APAC) and Latin American (LATAM) regions. “The first sighting of its activity was in the second quarter of 2023; back then, it…
-
Online ransom note at an IT service provider in the Republic of China / Taiwan
in SecurityNews
Explanation of The Company’s Cybersecurity First seen on emops.twse.com.tw Jump to article: emops.twse.com.tw/server-java/t05sr01_1_e
-
Malware at a steel producer in the Republic of China / Taiwan
in SecurityNews
Explanation of Our Company’s Cybersecurity Incident First seen on emops.twse.com.tw Jump to article: emops.twse.com.tw/server-java/t05sr01_1_e
-
Earth Alux Hackers Use VARGEIT Malware to Target Organizations
in SecurityNews
A new wave of cyberattacks orchestrated by the advanced persistent threat (APT) group Earth Alux has been uncovered, revealing the use of sophisticated malware, including the VARGEIT backdoor, to infiltrate critical industries. Linked to China, Earth Alux has been targeting organizations across the Asia-Pacific (APAC) region and Latin America since 2023, focusing on sectors such…
-
News brief: China-linked APTs and Russian access broker
in SecurityNews
Check out the latest security news from the Informa TechTarget team. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366621697/News-brief-China-linked-APTs-and-Russian-access-broker
-
Rootkit, Backdoor and Tunneler: Ivanti Malware Does It All
in SecurityNews
CISA Publishes Anatomy of Advanced Ivanti VPN Malware. Hackers using Trojans connected to a malware family deployed by Chinese nation-state hackers are actively exploiting a now-patched vulnerability in Ivanti Connect Secure appliances. The malware contains capabilities of a rootkit, dropper, backdoor, bootkit, proxy and tunneler. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/rootkit-backdoor-tunneler-ivanti-malware-does-all-a-27881