Geek-Guy.com

Category: china

Auto Added by WPeMatico

AI, china, Compliance, Data Security, Exploits, Global Security News, Government & Policy, privacy, Risk Management, Russia

House Republicans roll out national privacy bill

House Republicans unveiled on Wednesday Congress’ latest effort to tackle comprehensive digital privacy legislation for Americans. The Secure Data Act would allow consumers to opt out of data collection for individual businesses for the purposes of targeted advertising, selling to third parties or for use in automated decisionmaking. It would also require companies to inform…

Read more →

AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Russia, Venture

The thin gray line: Handala, CyberAv3ngers and Iran’s proxy ops

On April 7, six US government agencies issued a critical advisory warning domestic private sector organizations of potential infrastructural cyberattacks conducted by Iranian-affiliated Advanced Persistent Threat (APT) actors. The advisory stops short of attributing these threats to a single group but makes reference to 2023 attacks on US water and wastewater facilities linked to the…

Read more →

AI, china, Cloud Security, Compliance, Endpoint, Europe, Global Security News, Network Security, Risk Management

How to clone an AWS CloudHSM cluster across Regions

Important: As of January 1, 2025, Client SDK 3 tools (CMU and KMU) are no longer supported. This guide has been updated to use Client SDK 5 commands exclusively. Ensure you’re using the latest Client SDK 5 version (5.17 or later) for the most recent features and security improvements. You can use AWS CloudHSM to…

Read more →

AI, APAC, Apps, china, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Risk Management

Critical Exploits, AI Shifts, and Major Breaches Redefine Cybersecurity This Week

Major Threats & Vulnerabilities Zero-Day and Active Exploits A critical flaw in Nginx UI is being actively exploited in the wild, allowing unauthenticated users to perform privileged actions through an unprotected endpoint. Administrators are urged to patch immediately and restrict public access to management interfaces. The EngageLab SDK vulnerability affecting over 50 million Android users…

Read more →

AI, china, Cybersecurity, Global Security News, Risk Management, Russia

Executive orders likely ahead in next steps for national cyber strategy

National Cyber Director Sean Cairncross expects more executive orders coming from the White House as part of implementing the national cybersecurity strategy, he said Wednesday. Staffers on Capitol Hill and others in the cyber world have been awaiting the implementation guidance the Trump administration had proclaimed would come to accompany the strategy  published last month.…

Read more →

AI, china, Global Security News, Network Security

We’re only seeing the tip of the chip-smuggling iceberg

Last year, Nvidia CEO Jensen Huang repeatedly denied that China was obtaining America’s most advanced chips. ‘There’s no evidence of any AI chip diversion,’ he said, dismissing such reports on another occasion as ‘tall tales.’ Federal prosecutors would beg to differ. They’ve charged six men over the past three weeks with smuggling billions of dollars’…

Read more →

AI, china, Cloud Security, Endpoint, Exploits, Global Security News, malware, Network Security

China-linked cloud credential heist runs on typos and SMTP

China-aligned hackers have deployed a Linux-based ELF backdoor to steal cloud credentials at scale from workloads across AWS, GCP, Azure, and Alibaba Cloud environments. According to Breakglass Intelligence findings, the backdoor uses a “zero-detection” technique, employing SMTP port 25 as a covert command-and-control (C2) channel to harvest cloud provider credentials and metadata. “A selective C2…

Read more →

AI, china, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Network Security, Risk Management, Russia

Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey

On March 23, the Senate confirmed Senator Markwayne Mullin as the next homeland security secretary, marking an important step in strengthening leadership during a critical moment for our nation’s security. But only half of the job is done. The Cybersecurity and Infrastructure Security Agency (CISA), the federal government’s main civilian cyber defense agency, still lacks…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Risk Management

Attackers target unpatched ShowDoc servers via CVE-2025-0520

A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the wild. ShowDoc is an online tool that helps IT teams share documents and improve collaboration…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Risk Management

Attackers target unpatched ShowDoc servers via CVE-2025-0520

A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the wild. ShowDoc is an online tool that helps IT teams share documents and improve collaboration…

Read more →

AI, china, Global Security News

Cyber-Inspekteur: Hybride Attacken nehmen weiter zu

Deutschland ist im Visier staatlicher Hacker. Mdisk – shutterstock.com Hybride Attacken auf kritische Infrastruktur in Deutschland und Bundeswehr-Truppen im Ausland nehmen weiter zu. Spätestens seit 2022 sei ein spürbarer Zuwachs zu verzeichnen, sagte der Bundeswehr-Inspekteur Cyber- und Informationsraum, Vizeadmiral Thomas Daum, bei einem Pressetermin bei der Nato-Cyberabwehrübung «Locked Shields» im niederrheinischen Kalkar.  Cyber-Angriffe gegen die Bundeswehr…

Read more →

china, Exploits, Global Security News

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which carries a CVSS score of 9.4 out of 10.0. It relates to a case of unrestricted file upload that stems from improper validation of

Read more →

AI, china, Data Breaches, Global Security News, malware, Russia

CPUID watering hole attack spreads STX RAT malware

Threat actors compromised the CPUID website and spread STX RAT through fake CPU-Z and HWMonitor downloads. Attackers breached the website CPUID and replaced download links for CPU-Z and HWMonitor with malicious files for several hours. Users who downloaded them got infected with the STX RAT, giving attackers remote access to their systems. The short attack…

Read more →

AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management, Russia

Security Affairs newsletter Round 572 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S. GlassWorm evolves with…

Read more →

AI, Apps, china, Cybersecurity, Global Security News, Government & Policy, Network Security, Russia

Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad

The Department of Commerce is putting together a catalog of AI tools that will be given special export status by the federal government to be sold abroad. The department issued a call for proposals to participating companies in the Federal Register, looking to create a “menu of priority AI export packages that the U.S. Government…

Read more →

AI, china, Data Breaches, Global Security News, Network Security, Risk Management

Alleged 10 Petabyte Data Theft From China’s Tianjin Supercomputing Hub

Threat actors are claiming responsibility for what could be one of the largest data breaches in China’s history — allegedly stealing more than 10 petabytes of data from a key national supercomputing facility tied to scientific and defense research. “The reports that hackers with the alias of FlamingChina stole 10 petabytes of data containing Chinese…

Read more →

AI, Apps, china, Cybersecurity, Exploits, Global Security News, Government & Policy

Why is the timeline to quantum-proof everything constantly shrinking?

When Google announced last month it was moving up its own internal timeline for migrating to quantum-resistant forms of encryption, it started a broader conversation in the cybersecurity and cryptography communities: Just what was pushing one of the largest tech companies in the world to significantly accelerate its adoption of post-quantum protections for its systems,…

Read more →

AI, china, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Risk Management

The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences

A hacker allegedly stole 10+ PB of sensitive military and aerospace data from China’s National Supercomputing Center, risking national security. A massive alleged breach has hit China’s National Supercomputing Center (NSCC) in Tianjin. A hacker claims to have exfiltrated over 10 petabytes of highly sensitive data, including military, aerospace, and missile-related information. The facility supports…

Read more →

AI, china, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Network Security, Risk Management

Project Glasswing powered by Claude Mythos: defending software before hackers do

Anthropic unveiled Claude Mythos, a powerful AI for cybersecurity that could also be misused to enhance cyberattacks. Anthropic has unveiled Claude Mythos, a new AI model designed to strengthen cybersecurity through Project Glasswing, aiming to secure critical software before it can be abused. Interest in Mythos grew after a leak of nearly 3,000 internal files…

Read more →

AI, china, Data Breaches, Exploits, Global Security News, Network Security

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially driven ransomware attacks by exploiting newly disclosed vulnerabilities before organizations patch them. The group targets exposed systems and quickly moves from initial access to data theft and Medusa ransomware deployment,…

Read more →

china, Global Security News

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate “high-velocity” attacks and break into susceptible internet-facing systems. “The threat actor’s high operational tempo and proficiency in identifying exposed perimeter assets have proven successful, with recent

Read more →

AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management, Russia, Venture

Security Affairs newsletter Round 571 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Qilin ransomware group claims the hack of German political party Die Linke U.S. CISA adds a…

Read more →

AI, Apps, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in TrueConf Client, tracked as CVE-2026-3502 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. TrueConf is a videoconferencing platform often used in secure, offline…

Read more →

AI, china, Europe, Global Security News, Government & Policy

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal targeting in the region. The campaign has been attributed to TA416, a cluster of activity that overlaps with DarkPeony, RedDelta, Red Lich, SmugX, UNC6384, and Vertigo Panda. “This TA416 activity included multiple

Read more →

AI, china, Cybersecurity, Funding, Global Security News, Government & Policy, Network Security

Trump budget proposal would cut hundreds of millions more from CISA

President Donald Trump’s fiscal 2027 budget would slash the Cybersecurity and Infrastructure Security Agency’s total by $707 million, according to a summary released Friday, which would deeply chop down an agency that already took a big hit in Trump’s first year. Another budget document suggests a smaller — but still substantial — hit of $361…

Read more →

AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security

TrueConf zero-day vulnerability exploited to target government networks

Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered. Malicious client update attack chain (Source: Check Point) Trusted update mechanism turned into attack vector TrueConf is a videoconferencing platform designed to run on private local networks (LANs)…

Read more →

AI, china, Europe, Global Security News, Government & Policy, malware, Russia

European-Chinese geopolitical issues drive renewed cyberespionage campaign

A Chinese cyberespionage group has shifted its gaze back to Europe after years of focusing on other parts of the world, Proofpoint research published Wednesday found. The surge began in mid-2025, with a bevy of issues bubbling up between China and Europe, the company said. Proofpoint labels the government-linked group TA416, but other companies track…

Read more →

AI, china, Endpoint, Global Security News, Government & Policy, Network Security, privacy, Risk Management, Russia

Free VPNs leak your data while claiming privacy

Most free Android VPNs track users, request dangerous permissions, and connect to risky servers, privacy comes at a hidden cost. Free VPN apps are some of the most popular downloads on Android, promising privacy at no cost. But the reality is far from what they advertise. Most users tap “install” without a second thought, unaware…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, privacy, Risk Management

California to bar AI vendors that can’t prove bias safeguards

AI vendors selling to the California state government must prove they have safeguards against algorithmic bias, civil rights violations, and illegal content, or risk being barred from state contracts, under an executive order signed by Governor Gavin Newsom. The order directs the Department of General Services and the California Department of Technology to develop new…

Read more →

AI, china, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security

China-Linked groups target Southeast Asian government with advanced malware in 2025

China-linked groups hit a Southeast Asian government in 2025, deploying multiple malware families in a sophisticated cyber campaign. In 2025, three China-linked threat clusters targeted a Southeast Asian government in a complex, well-funded cyber operation. Threat actors deployed numerous malware types, including HIUPAN, PUBLOAD, EggStremeFuel/Loader, MASOL RAT, PoshRAT, TrackBak Stealer, Hypnosis Loader, and FluffyGh0st, showing…

Read more →

AI, china, Global Security News, Government & Policy, malware

Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign

Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been described as a “complex and well-resourced operation.” The campaigns have led to the deployment of various malware families, including HIUPAN (aka USBFect, MISTCLOAK, or U2DiskWatch), PUBLOAD, EggStremeFuel (aka RawCookie), EggStremeLoader (aka Gorem RAT), MASOL

Read more →

AI, Apps, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia

Security Affairs newsletter Round 569 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ShinyHunters claims the hack of the European Commission Iran-linked group Handala hacked FBI Director Kash Patel’s…

Read more →

AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security

China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks

China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked threat group known as Red Menshen has been running a long-term espionage campaign by infiltrating telecom networks, mainly in the Middle East and Asia. Active since at least 2021, the group uses highly…

Read more →

AI, china, Global Security News, Government & Policy, Network Security

China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks

A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments, has been attributed to Red Menshen, a threat cluster that’s also tracked as Earth Bluecrow,

Read more →

AI, china, Cybersecurity, Global Security News, Government & Policy, Network Security, privacy

Former NSA chiefs worry American offensive edge in cybersecurity is slipping

SAN FRANCISCO — Four former National Security Agency directors shared varying concerns about a lack of earnest and widespread response to growing threats in cyberspace during a discussion at the RSAC 2026 Conference on Tuesday. Accelerating threats posed by artificial intelligence, China and cybercriminals at large are testing the country’s resolve and determination to foster…

Read more →

AI, china, Europe, Global Security News, Network Security

Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks

Telecommunications providers around the world have been dealing with the burrowing efforts of the China-linked Salt Typhoon APT for many years now. To help them identify hard-to-detect implants used by the group, researchers have released a scanning script. Salt Typhoon goes deep Salt Typhoon has hit US, Canadian, European and Asian telcos. “By compromising telecom…

Read more →

AI, china, Global Security News

Mission to smuggle $170 million worth of AI tech to China collapsed for three men

Three individuals, Stanley Yi Zheng, Matthew Kelly, and Tommy Shad English, have been charged with conspiracy to commit smuggling and export control violations after allegedly attempting to procure millions of dollars’ worth of restricted computer chips from a California-based hardware company. In October 2023, Tommy Shad English, claiming to represent a Thailand-based company, ordered 750…

Read more →

AI, china, Compliance, Cybersecurity, Global Security News, Network Security, privacy

Never knock on the door of a nuclear submarine base and ask for a selfie

A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin – signing his extortion emails from a company called “Loot.” Meanwhile, two people drive up to the entrance of the UK’s nuclear submarine base at Faslane and politely…

Read more →

AI, Apps, china, Endpoint, Europe, Exploits, Global Security News, Network Security

New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert

A new critical vulnerability that is similar to the widely-exploited CitrixBleed and CitrixBleed2 holes should be patched in NetScaler devices immediately, say experts. The hole, CVE-2026-3055, is an out-of-bounds read vulnerability in customer-managed NetScaler ADC and NetScaler Gateway devices configured as SAML IDP for approving identity and authentication. It’s rated at 9.3 in severity on…

Read more →

AI, china, Global Security News, Government & Policy

Google moves post-quantum encryption timeline up to 2029

Google is accelerating its timeline for migrating its products to quantum resistant encryption to 2029, the latest sign that tech leaders are worried that they haven’t been aggressive enough in planning for a post-quantum future. In a blog posted Wednesday, vice president of security engineering Heather Adkins and senior staff cryptology engineer Sophie Schmieg said…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Europe, Global Security News, Government & Policy, Network Security, Politics, privacy, Risk Management

MY YAKE: A decade of cyber collaboration, built under Obama, is now hostage to a political grudge

SAN FRANCISCO — I was in the room at Stanford in February 2015 when President Obama used the bully pulpit to launch what became a decade of hard-won public-private collaboration in cybersecurity. It didn’t take much to tear it asunder. At RSAC 2026 this week, that decade of work is suddenly on the line —…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Risk Management, Russia

DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses

Leaked iOS spyware has some cybersecurity professionals raising urgent alarms about potential mass iPhone compromises, a development that pairs ominously with the recent discovery of two sophisticated iOS exploit kits. At the same time, some other experts say Apple’s defensive features for iPhones remain elite. But several factors have created unprecedented circumstances: the public accessibility…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management, Russia

Critics call FCC router rule a ‘big swing’ that could create more supply chain uncertainty

The Federal Communications Commission’s move to ban foreign-made routers touches on a real threat, but critics say the agency rule is overly broad, practically unworkable and doesn’t meaningfully address weaknesses in router security that have led to major breaches on American governments and businesses. Under the Secure Equipment Act and Secure Networks Act, the FCC…

Read more →

AI, Apps, china, Europe, Global Security News, malware, Network Security, Risk Management, Venture

China’s use of open‑source AI threatens the US lead in AI development, US Commission warns

China’s open-source AI strategy is building a self-reinforcing competitive advantage that US export controls were not designed to counter, the US-China Economic and Security Review Commission has warned. “US export controls primarily target the digital loop, restricting access to advanced chips used for frontier model training — but are not well suited to addressing the…

Read more →

AI, china, Exploits, Global Security News, malware, Network Security, Politics, Risk Management

Caught in the Iranian War crossfire: Big Tech, Microsoft and Windows

Iran’s most potent weapon in the war with the United States is pretty clear: attack the world’s oil and gas infrastructure by closing off access to the Strait of Hormuz. But Big Oil isn’t the only industry Iran is aiming for — it’s also attacking Big Tech. And that includes Microsoft, which is directly in…

Read more →

AI, Apps, china, Global Security News, Risk Management

Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire

The North Korea fake IT worker scheme has become a pernicious threat across several industries. While best practices emphasize precautions throughout the hiring phase, once onboarded such operatives can be challenging to detect. Combinations of behavioral analytics, threat intelligence, and other points of information are taking shape as essential defenses, as a recent case attests.…

Read more →

AI, china, Exploits, Global Security News, Network Security, Risk Management

International police Operation Alice take down 373,000 dark web sites exploiting children

Operation Alice: Police dismantle a massive dark web network with 373,000 fake sites luring users seeking child sexual abuse material. An international law enforcement operation, code named Operation Alice, shut down one of the largest dark web scams, uncovering over 373,000 fake sites tricking users seeking child sexual abuse content. The operation, first investigated in…

Read more →

AI, china, Exploits, Global Security News, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 89

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New Payload ransomware – malware analysis   DRILLAPP: new backdoor targeting Ukrainian entities with possible links to Laundry Bear When Trusted Websites Turn Malicious: WordPress Compromises Advance Global Stealer Operation AI Coding Tools Under Fire:…

Read more →

AI, Apps, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia

Security Affairs newsletter Round 568 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. WorldLeaks ransomware group breached the City of Los Angels PolyShell flaw exposes Magento and Adobe Commerce…

Read more →

AI, china, Global Security News, Government & Policy, malware, Network Security

Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators

DoJ disrupted IoT botnets’ C2 infrastructure with global partners, targeting operators behind AISURU, Kimwolf, JackSkid, and others. The U.S. DoJ disrupted command-and-control infrastructure used by several IoT botnets, including AISURU, Kimwolf, JackSkid, and Mossad. The operation involved authorities from Canada and Germany, along with major tech companies, to target botnet operators and weaken their global…

Read more →

AI, Apps, china, Europe, Global Security News, Government & Policy, Network Security, Russia

Data Centers Are Military Targets Now

In retaliation for the ongoing U.S.–Israeli war, Iran responded with a novel form of counterattack. For the first time in military history, private sector data centers came under deliberate attack. In an era when companies known for e-commerce, social networks, and search engines have also become close collaborators with militaries, is bombing their servers fair…

Read more →

AI, china, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

The espionage reality: Your infrastructure is already in the collection path

Threat actors have always sought advantage over their targets. Recently we’ve seen two efforts designed for long-term intelligence gain. This activity surfaced right where you would expect inside the enterprise. Enterprises now sit directly in the adversary’s collection path. They don’t have to be the target; they are on the board and in play because…

Read more →

AI, china, Compliance, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management

Beijing wants its own quantum-resistant encryption standards rather than adopt NIST’s

China is reportedly planning to develop its own national post-quantum cryptography standards within the next three years, even as most of the world has already begun migrating to those finalized by the US in 2024. Post-quantum cryptography deals with algorithms that can protect data from the threat proposed by future quantum computers, which are expected…

Read more →

AI, APAC, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

9 Best Next-Generation Firewall (NGFW) Solutions in 2026

This guide is for IT leaders, network administrators, and security teams evaluating next-generation firewalls (NGFWs), and it covers how they work, key features, and what to look for in 2026 solutions.  NGFWs have evolved beyond traditional firewalls to deliver deep packet inspection, application awareness, and integrated threat prevention, helping organizations defend against increasingly sophisticated attacks.…

Read more →

AI, china, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Network Security, privacy

U.S. robotics companies want federal help to keep Chinese robots out of America’s networks

Executives at top U.S. robotics companies asked Congress for federal dollars, new legislation and a simpler regulatory field, arguing the support is necessary to adapt to the AI era and compete with their well-oiled, state-funded Chinese competitors. The U.S. robotics sector, estimated at $50 billion in value, includes world famous companies like Boston Dynamics. The…

Read more →

AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Network Security

EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure

EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states. The Council of the European Union has imposed sanctions on three companies and two individuals linked to cyberattacks against EU countries and partners. “The Council adopted today restrictive measures against three entities and two individuals responsible for cyber-attacks carried…

Read more →

Deeper Network Promo Deeper Network Promo Deeper Network Promo Image

AI, china, Cybersecurity, Global Security News, Government & Policy, Risk Management

CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors

The U.S. government shouldn’t rigidly stick to traditional designations about which agency takes the lead on engaging with critical infrastructure sectors, the acting director of the Cybersecurity and Infrastructure Security Agency said Tuesday. Sector risk management agency designations have long governed which agency is at the forefront of government efforts to protect each of the…

Read more →

AI, APAC, china, Global Security News, Network Security, Risk Management

Chip wafer shortage will run through 2030 as AI demand overwhelms supply: SK Hynix chief

The global shortage of semiconductor wafers will not ease before the end of the decade, SK Group Chairman Chey Tae-won said, delivering one of the most definitive long-range forecasts yet from the executive of the world’s leading supplier of high-bandwidth memory chips. Speaking to reporters on the sidelines of Nvidia’s GTC Conference in San Jose,…

Read more →

AI, china, Endpoint, Global Security News, malware, Network Security

CL-STA-1087 targets military capabilities since 2020

China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries since 2020 using AppleChris and MemFun. A suspected China-linked espionage campaign, tracked as CL-STA-1087, has targeted Southeast Asian military organizations since at least 2020, using AppleChris and MemFun malware. “The activity demonstrated strategic operational patience and a focus on highly targeted intelligence collection, rather than bulk…

Read more →

AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, malware, Network Security, Russia

Security Affairs newsletter Round 567 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Starbucks data breach impacts 889 employees Storm-2561 lures victims to spoofed VPN sites to harvest corporate…

Read more →

AI, china, Global Security News, Network Security

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China’s National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source and self-hosted autonomous artificial intelligence (AI) agent. In a post shared on WeChat, CNCERT noted that the platform’s “inherently weak default security configurations,” coupled with its

Read more →

AI, china, Compliance, Global Security News, Network Security

Data mining? Old servers could become new source of rare earths

The retirement of old server equipment from data center facilities could become an opportunity for enterprises to generate revenue, instead of being an often costly recycling expense. Last year Western Digital announced it was experimenting with new ways to extract valuable rare earth elements and metals from obsolete servers from Microsoft’s US data centers, as…

Read more →

AI, china, Global Security News, Network Security

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 is tracking the threat activity under the moniker CL-STA-1087, where CL refers to cluster, and STA stands for state-backed motivation. “The activity demonstrated strategic operational…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Politics, Russia

Stryker attack highlights nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict

A cyberattack that an Iranian hacking group said it carried out against medical device manufacturer Stryker might mark Tehran’s first significant cyber action since the start of the joint U.S.-Israel conflict. But even that may have been a happy accident for Iranian hackers in what has been a low buzz of activity during that timeframe,…

Read more →

AI, china, Compliance, Cybersecurity, Data Breaches, Global Security News, Network Security, privacy, Risk Management

Officials worry Salt Typhoon apathy is killing momentum for tougher telecom security rules

Two years ago, it was revealed that Chinese hackers had compromised at least ten U.S. telecoms, giving them broad access to phone data affecting nearly all Americans. Since then, public officials charged with responding to the campaign and bolstering the nation’s cyber defenses have reported a common problem. Many of their constituents struggle to understand…

Read more →

china, Global Security News

MG IM5 & IM6 vs Zeekr 7X: Two high-end Chinese EVs redefining premium and quietly challenging Tesla’s dominance

China’s next wave of electric vehicles has arrived in Australia. Unlike early value-focused entrants, these cars aren’t trying to be cheap alternatives to Tesla; they’re trying to be better with tech-heavy luxury-leaning EVs packed with innovation, aggressive pricing, and design philosophies that diverge sharply from Tesla’s minimalist approach.

Read more →

AI, china, Cybersecurity, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia

12 ways attackers abuse cloud services to hack your enterprise

Attackers are increasingly abusing trusted SaaS platforms, cloud infrastructure, and identity systems to blend malicious activity into legitimate enterprise traffic. Adversaries are pushing command and control (C2) through high-reputation services, including OpenAI and AWS, to blend in with normal business traffic and evade blocklists. The shift from “living off the land” to “living off the…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management, Russia

Security Leaders Warn of Cyber Risks Tied to Iran Conflict

The escalating confrontation between the United States and Iran is raising concerns among cybersecurity agencies and security leaders, who have warned businesses to be on alert for a potential increase in cyberattacks from the region. Governments warn of increased cyber activity linked to Iran conflict Official warnings from cybersecurity centers in the United States, the…

Read more →

AI, APAC, china, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, Politics, privacy

Trump’s cyber strategy emphasizes offensive operations, deregulation, AI

The White House released President Donald Trump’s long-awaited cybersecurity strategy, a lean seven-page blueprint that breaks from past approaches by placing offensive cyber operations at the center of US policy. Developed by the Office of the National Cyber Director (ONCD), the strategy emphasizes disrupting adversaries, deregulating industry, and accelerating the adoption of artificial intelligence while…

Read more →

AI, china, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, Politics

FBI wiretap system tapped by hackers

The US Federal Bureau of Investigation (FBI) has identified a suspected incident on a network used to manage wiretaps and foreign intelligence surveillance warrants, CNN reported. The FBI acknowledged the incident in a statement to CNN, saying, “The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to…

Read more →

AI, china, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, Politics

FBI wiretap system tapped by hackers

The US Federal Bureau of Investigation (FBI) has identified a suspected incident on a network used to manage wiretaps and foreign intelligence surveillance warrants, CNN reported. The FBI acknowledged the incident in a statement to CNN, saying, “The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to…

Read more →

AI, china, Funding, Global Security News, Government & Policy, Network Security

China announces new plans to take US industry head on

China has unveiled ambitious plans to compete with the US on emerging technologies by increasing funding for start-ups. The Chinese government said it wanted the digital economy to account for 12.5% of gross domestic product by 2030, a significant increase on the 10.5% share reported last year. Chinese Premier Li Qiang told the National People’s…

Read more →

china, Global Security News

China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under the moniker UAT-9244, describing it as closely associated with another cluster known as FamousSparrow. It’s worth

Read more →

AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security

Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow

Google’s GTIG reports 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with a growing share targeting enterprise systems. Google’s Threat Intelligence Group (GTIG) identified 90 zero-day vulnerabilities exploited in the wild in 2025. While slightly below the 100 observed in 2023, the number increased from 78 in 2024, with…

Read more →

AI, china, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management, Russia

Zero-day exploits hit enterprises faster and harder

Google tracked 90 vulnerabilities exploited as zero-days last year, with Chinese cyberespionage groups doubling their count from 2024 and commercial surveillance vendors overtaking state-sponsored hackers for the first time. Nearly half of the recorded zero-days targeted enterprise technologies such as security appliances, VPNs, networking devices, and enterprise software platforms. “Increased exploitation of security and networking…

Read more →

AI, china, Data Breaches, Exploits, Global Security News, Government & Policy, Politics, privacy, Russia

Congress Is Considering Abolishing Your Right to Be Anonymous Online

Sen. Marsha Blackburn, R-Tenn., speaks at a rally in support of the Kids Online Safety Act on Dec. 10, 2024, in Washington, D.C. Photo: Jemal Countess/Getty Images for Accountable Tech In August 2024, the Biden administration hosted hundreds of influencers at the White House for the first-ever Creator Economy Conference. Neera Tanden, a senior Biden adviser,…

Read more →

AI, Apps, china, Exploits, Global Security News, malware, Network Security, Risk Management, Russia

Coruna iOS exploit kit moved from spy tool to mass criminal campaign in under a year

Google’s threat intelligence researchers have identified a sophisticated exploit kit targeting iPhones that was first used by a commercial surveillance vendor’s customer before being repurposed by a suspected Russian espionage group and then by Chinese cybercriminals, highlighting what researchers describe as an active secondary market for high-end zero-day exploits. “How this proliferation occurred is unclear,…

Read more →

AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia

State-affiliated hackers set up for critical OT attacks that operators may not detect

Several state-linked threat groups known for breaking into operational technology (OT) networks have shifted their focus over the past year from gaining and maintaining access to actively mapping out ways to disrupt physical industrial processes. The shift poses a significant threat because fewer than one in 10 OT networks have monitoring in place to detect…

Read more →

AI, china, Europe, Exploits, Global Security News, Government & Policy, Network Security

From phishing to Google Drive C2: Silver Dragon expands APT41 playbook

APT group Silver Dragon, linked to APT41, targets governments via server exploits and phishing, using Cobalt Strike and Google Drive for C2. Check Point researchers have identified Silver Dragon, an APT group tied to the China-linked group APT41, targeting government entities in Europe and Southeast Asia since mid-2024. The group gains initial access by exploiting…

Read more →

AI, china, Global Security News, Government & Policy, Network Security, Risk Management

Anthropic AI ultimatums and IP theft: The unspoken risk

Two recent high-profile events concerning Anthropic’s Claude AI underscore a little-discussed risk at the heart of the enterprise’s rush to capitalize on leading AI capabilities. The first incident involved a China-based extraction campaign against Anthropic’s intellectual property. The second was the Trump administration’s banning of Claude for federal use after the company resisted US demands…

Read more →