An exploit kit that may have originated from a leaked U.S. government framework is behind what researchers are calling the first mass-scale attack on iOS, the operating system for Apple’s iPhones. Traces of the exploits, found in the work of Chinese cybercriminals, also have been spotted in Russian attacks on Ukraine and used by a…
Category: china
AI, china, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Geopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
AI, APAC, china, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Politics, Risk Management
The FBI’s cyber chief is using Winter SHIELD to accelerate China prep, threat intelligence sharing
The FBI’s cyber chief is prioritizing preparation for stepped-up Chinese threats, enhanced confrontation of adversaries in cyberspace and quicker intelligence sharing with industry as the bureau enters the second and final month of a unique cybersecurity awareness campaign. Brett Leatherman, who took over as assistant director of the FBI’s cyber division last summer, listed those…
AI, china, Global Security News, Politics
From fake nudes to fake quotes: AI deepfakes plagued Olympic athletes
While competing for medals and glory in Milan, Italy, U.S. Olympic athletes experienced something that is fast becoming a regular feature of modern public life: the widespread use of AI tools by politicians, trolls and sexual harassers to manipulate their images and voices. Users on 4chan and other sites quickly generated and shared “nudified” or…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Venture
Claude code abused to steal 150GB in cyberattack on Mexican agencies
Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems. Hackers abused Anthropic’s Claude Code AI assistant to develop exploits, create custom tools, and automatically exfiltrate more than 150GB of data in an attack on Mexican government systems, the Israeli cybersecurity firm Gambit Security reports. The…
AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia
Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Canadian Tire 2025 data breach impacts 38 million users Iran’s Internet near-totally blacked out amid…
AI, Apps, china, Global Security News, Government & Policy, Politics, Risk Management
Trump administration bans Anthropic, escalating clash over military use of AI
The Trump administration on Friday moved to ban the use of products from artificial intelligence company Anthropic by federal businesses, escalating a high-stakes clash over whether private AI makers can limit how the US military uses their systems. Calling Anthropic “Leftwing nut jobs,” President Donald Trump said in a Truth Social post that he was…
AI, china, Global Security News
Why Apple is ready to launch Apple Pay in India
As predicted, Apple is in talks with three banks in India about introducing Apple Pay services there later this year, according to a Bloomberg report. This could give the company an even bigger footprint in India than its payment services have already built elsewhere. The move matters for many reasons. Consider this: Apple Pay is already far…
AI, china, Global Security News
Meta tightens grip on scam advertisers
Meta is stepping up the fight against scams on its platforms by filing multiple lawsuits targeting companies and individuals in Brazil, China, and Vietnam who used deceptive tactics to run scam ads. The company said it has taken technical enforcement actions in these cases, including suspending payment methods used in the scams, disabling accounts linked…
AI, china, Global Security News
Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
Meta on Thursday said it’s taking legal action to tackle scams on its platforms by filing lawsuits against what it calls deceptive advertisers based in Brazil, China, and Vietnam. As part of the effort, the advertisers’ methods of payment have been suspended, related accounts have been disabled, and the website domain names used to pull…
AI, Apps, china, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security
China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries
Google has disrupted a China-linked espionage group that used Google’s spreadsheet application as a covert spy tool to compromise telecom providers and government agencies across 42 countries, sending commands and receiving stolen data through it, Google’s Threat Intelligence Group (GTIG) said on Thursday. Working with Mandiant, GTIG confirmed intrusions at 53 organizations across 42 countries,…
AI, APAC, china, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware
Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries
Google and partners disrupted UNC2814, a suspected China-linked group that hacked 53 organizations across 42 countries. Google, with industry partners, disrupted the infrastructure of UNC2814, a suspected China-linked cyber espionage group that breached at least 53 organizations in 42 countries. The group has been active since at least 2017, and was spotted targeting governments and…
china, Data Breaches, Global Security News, Government & Policy
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries. “This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas,”
AI, APAC, china, Cybersecurity, Europe, Funding, Global Security News, Government & Policy, malware, Network Security, Risk Management
Across party lines and industry, the verdict is the same: CISA is in trouble
“Decimated.” “Amateur hour.” “Pretty much fallen apart.” “It’s really hard to find something positive to say right now.” It’s been a little more than one year into the second Trump administration, and there’s a large consensus, if not total unanimity, among those who have worked with and for the Cybersecurity and Infrastructure Security Agency: It…
AI, china, Global Security News, Government & Policy, Russia
Chinese group’s ChatGPT use reveals worldwide harassment campaign against critics
A Chinese law enforcement official attempted to use ChatGPT to review its reports on cyber operations, subsequently revealing details of a worldwide online harassment and silencing campaign of China’s critics at home and abroad. In a new threat report released Wednesday, OpenAI said the activity concerned a single account that regularly used ChatGPT to review…
AI, Apps, china, Compliance, Exploits, Global Security News, Risk Management
Anthropic alleges large-scale distillation campaigns targeting Claude
Anthropic has accused three Chinese AI developers of running large-scale campaigns to illicitly extract capabilities from its Claude model to improve their own systems. The company claims DeepSeek, Moonshot, and MiniMax used a distillation technique, where a less capable model is trained on the outputs of a more advanced one. More than 16 million interactions…
AI, china, Cybersecurity, Exploits, Global Security News, malware, Network Security
CrowdStrike says attackers are moving through networks in under 30 minutes
Cyberattacks reached victims faster and came from a wider range of threat groups than ever last year, CrowdStrike said in its annual global threat report released Tuesday, adding that cybercriminals and nation-states increasingly relied on predictable tactics to evade detection by exploiting trusted systems. The average breakout time — how long it took financially-motivated attackers…
AI, china, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
The rise of the evasive adversary
Since the earliest days of the internet, there has never been a let-up in adversarial activity. According to CrowdStrike’s just-released 12th annual Global Threat Report, malicious activity in cyberspace continues to not only accelerate but also expand its scale and increasingly abuse the trust of targeted organizations. The good news is that, despite discussion of…
AI, china, Global Security News
SerpApi fights back against Google lawsuit
The web scraping wars have just intensified. In December, Google announced that it was taking action against web scraping company SerpApi, whose API lets customers’ scrapers mimic human searching, claiming that the company’s tool was “circumventing security measures” that protect its search results to feed the voracious appetite for training data required by many…
AI, china, Global Security News, Government & Policy, Risk Management
Anthropic accuses Chinese labs of trying to illicitly take Claude’s capabilities
Anthropic on Monday accused three Chinese artificial intelligence laboratories of stealthily trying to siphon Claude’s capabilities for their own models, potentially in a way that could fuel offensive cyber operations. The U.S. AI startup said the three labs, DeepSeek, Moonshot and MiniMax, ran “industrial-scale campaigns” with a tactic known as “distillation.” It involves sending bulk…
AI, APAC, Apps, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security
CVE-2026-1731 fuels ongoing attacks on BeyondTrust remote access products
Attackers are exploiting CVE-2026-1731 in BeyondTrust RS and PRA to deploy VShell, gain persistence, move laterally, and control compromised systems. Threat actors are actively exploiting a recently disclosed critical vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA). The flaw is being used to conduct a wide…
AI, china, Exploits, Global Security News, Network Security, Russia
AI-powered campaign compromises 600 FortiGate systems worldwide
A Russian-speaking cybercriminal used commercial generative AI tools to hack over 600 FortiGate devices across 55 countries. Amazon Threat Intelligence reports that a Russian-speaking, financially motivated threat actor used commercial generative AI services to compromise more than 600 FortiGate devices in 55 countries. The activity, observed between January 11 and February 18, 2026, highlights how…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
Security Affairs newsletter Round 564 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog PayPal discloses extended data…
AI, china, Cybersecurity, Global Security News, Risk Management
State Dept. official says post-quantum transition plans will outlive current leadership
A cybersecurity official at the State Department called for the public and private sector to more tightly coordinate plans to transition their systems, devices and data to quantum-resistant encryption algorithms. Gharun Lacy, Deputy Assistant Secretary for the Cyber and Technology Security Directorate at the Department of State, issued a challenge for cybersecurity defenders to view…
AI, Apps, china, Cybersecurity, Data Security, Exploits, Global Security News, Government & Policy, Network Security, Politics, Risk Management
Texas Sues TP-Link Over Alleged Security Risks and Supply Chain Deception
Texas has filed a lawsuit against networking manufacturer TP-Link Systems, accusing the company of misleading consumers about the security and origins of its routers while exposing users to exploitation by Chinese state-backed threat actors. The complaint alleges that TP-Link marketed its devices as secure and labeled them “Made in Vietnam,” despite sourcing nearly all components…
AI, china, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2021-22175 (CVSS score 6.8) GitLab Server-Side Request Forgery (SSRF)…
AI, china, Global Security News, Risk Management
Poland restricts Chinese-made cars at protected military sites
Poland’s military leadership has decided that cars manufactured in the People’s Republic of China will no longer cross the gates of sensitive military bases. The decision follows a risk analysis focused on the growing integration of digital systems in cars and the potential for uncontrolled acquisition and use of data by those systems. The new…
AI, Apps, china, Exploits, Global Security News, Network Security, Risk Management
Notepad++ author says fixes make update mechanism ‘effectively unexploitable’
The recently compromised update mechanism for the popular open source text editor Notepad++ has been hardened so it’s now ‘effectively unexploitable’, says the application’s author. Don Ho made the claim this week after the release of version 8.9.2 of Notepad++, which includes a double-lock verification that any download of the tool from this point…
AI, APAC, Apps, china, Endpoint, Exploits, Global Security News, malware, Network Security
Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years
For the past 18 months, a Chinese cyberespionage group has been exploiting a previously unknown vulnerability in Dell’s RecoverPoint for Virtual Machines, a VM disaster recovery solution. The flaw, patched by Dell this week, allows unauthenticated attackers to gain command execution on the underlying OS as root. The vulnerability, tracked as CVE-2026-22769, stems from hardcoded…
AI, china, Exploits, Global Security News, malware
Dell’s Hard-Coded Flaw: A Nation-State Goldmine
A China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy malware.
AI, APAC, Apps, china, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Zero-Day in Dell RecoverPoint Enables GRIMBOLT Backdoor
A zero-day vulnerability in Dell RecoverPoint for Virtual Machines is being actively exploited to deploy backdoors and pivot deeper into enterprise networks. The flaw has reportedly been abused since at least mid-2024 by a suspected China-linked threat cluster. “Beyond the Dell appliance exploitation, Mandiant observed the actor employing novel tactics to pivot into VMware virtual…
AI, china, Global Security News
Chinese Humanoid Robots Fight in San Francisco, Sparking New Boxing League Plans
The new king of the ring may be made of metal, following a San Francisco company’s robot boxing show. The high-tech bout served as an early signal of what could be a new global sport. According to the publication Rest of World, enthusiastic spectators paid about $60 to $80 to watch the 4.5-foot Unitree humanoids…
AI, Apps, china, Exploits, Global Security News, Government & Policy, malware
Notepad++ patches flaw used to hijack update system
Notepad++ patched a vulnerability that attackers used to hijack its update system and deliver malware to targeted users. Notepad++ fixed a vulnerability that allowed a China-linked APT group to hijack its update mechanism and selectively push malware to chosen targets. In early February, the Notepad++ maintainer revealed that nation-state hackers compromised the hosting provider’s infrastructure,…
AI, china, Exploits, Global Security News, Network Security
China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769)
A suspected China-linked cyberespionage group has been covertly exploiting a critical zero-day flaw (CVE-2026-22769) in Dell’s RecoverPoint for Virtual Machines software since at least mid-2024, according to new research from Google’s threat intelligence team and Mandiant. The attackers deployed stealthy backdoors (BRICKSTORM and GRIMBOLT), a webshell (SLAYSTYLE) and maintained long-term access inside targeted networks. “Beyond…
AI, china, Exploits, Global Security News, malware, Risk Management
China-linked APT weaponized Dell RecoverPoint zero-day since 2024
A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) reported that a suspected China-linked APT group quietly exploited a critical zero-day flaw in Dell RecoverPoint for Virtual Machines starting in mid-2024. “Mandiant and Google Threat Intelligence Group (GTIG) have identified…
AI, APAC, china, Compliance, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
CVE-2026-22769: Critical Dell RecoverPoint Zero-Day Exploited in the Wild
SOC Prime has recently covered a wave of actively exploited zero-days across major ecosystems, including Apple’s CVE-2026-20700 and Microsoft’s CVE-2026-20805, alongside a fresh Chrome zero-day case. But the avalanche of threats keeps marching into 2026. Recently, researchers from Mandiant and Google Threat Intelligence Group (GTIG) detailed the active exploitation of CVE-2026-22769, a maximum-severity hardcoded-credential vulnerability…
china, Exploits, Global Security News
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded…
AI, china, Exploits, Global Security News, malware
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a “double lock” design that aims to make the update process “robust…
AI, APAC, Apps, china, Cybersecurity, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security
Chinese hackers exploited a Dell zero-day for 18 months before anyone noticed
Researchers uncovered more worrying details about a long-running cyber espionage campaign suspected to be backed by the Chinese government, exemplifying how such attacks often go undetected until they’ve already caused significant damage. Google Threat Intelligence Group and Mandiant said the Chinese threat group UNC6201 has been exploiting a zero-day vulnerability in Dell RecoverPoint for Virtual…
AI, china, Global Security News, malware, Network Security
SmartLoader hackers clone Oura MCP project to spread StealC malware
Hackers used a fake Oura MCP server to trick users into downloading malware that installs the StealC info-stealer. Straiker’s AI Research (STAR) Labs team uncovered a SmartLoader campaign in which attackers cloned a legitimate MCP server linked to Oura Health to spread the StealC information stealer. The fake project appeared credible, complete with bogus forks…
AI, china, Global Security News, Network Security
Alibaba Launches Qwen3.5 AI Model With 60% Lower Costs, 8x Throughput
Alibaba has officially launched Qwen3.5, the latest version of its flagship artificial intelligence model, positioning it as a system built for the emerging era of AI agents. The model was released on Feb. 16 in both open-weight and hosted versions, allowing developers to run it on their own infrastructure or through Alibaba Cloud. Alibaba says…
AI, china, Cybersecurity, Global Security News
MCSC 2026: “Politics and business must work together”
The motto of the Munich Cybersecurity Conference 2026: “Command Control, Really? Confronting The Illusion Of Deterrence In The Age Of Relentless Cyber Threats.” Julia Mutzbauer This year, too, numerous international institutions were again represented at the Munich Cybersecurity Conference (MCSC), among them the White House, FBI, Europol, OECD, BSI, BND and the European Commission, as well as the National…
AI, Apps, china, Compliance, Global Security News, privacy, Risk Management
Alibaba’s Qwen3.5 targets enterprise agent workflows with expanded multimodal support
Alibaba has unveiled Qwen3.5, a new multimodal AI model that the company says is intended to serve as a foundation for digital agents capable of advanced reasoning and tool use across applications. The release reflects the ongoing shift from standalone chatbot deployments toward AI systems that can execute multi-step workflows and operate with minimal human…
AI, APAC, china, Cybersecurity, Funding, Global Security News, Network Security, Risk Management, Russia
Why ‘secure-by-design’ systems are non-negotiable in the AI era
Moody’s recently reported that global investment in data centers will surpass $3 trillion over the next five years, driven by AI capacity growth and hyperscaler demand. As big tech companies, banks, and institutional investors pour capital into these projects, data center developers and their financial sponsors must prioritize cybersecurity. Moody’s said that data center investments…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Fake Winter Olympics 2026 Stores Target Fans With Data-Theft Scams
As excitement builds at the Milano Cortina 2026 Winter Olympics, cybercriminals have launched convincing fake merchandise stores to steal payment details and personal data from eager fans. The campaign focuses heavily on high-demand mascot items that are sold out on the official site. In the “… past week alone, we’ve identified nearly 20 lookalike domains…
AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management, Venture
10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons
Ten years on, the Bangladesh Bank cyberheist — a landmark cybersecurity incident that rewrote the rules of nation state–sponsored hacking — continues to offer lessons for the cybersecurity community. Cyberspies hacked into Bangladesh Bank’s internal network and SWIFT (Society for Worldwide Interbank Financial Telecommunication) messaging environment before sending 35 fraudulent SWIFT payment instructions that attempted…
AI, china, Global Security News, privacy
Apple privacy labels often don’t match what Chinese smart home apps do
Smart home devices in many homes collect audio, video, and location data. The apps that control those devices often focus on the account owner, even when the technology also captures guests, neighbors, and other people who never agreed to be monitored. New research examined whether Chinese smart home apps provide privacy protections for these bystanders.…
AI, china, Cybersecurity, Data Breaches, Endpoint, Europe, Exploits, Global Security News, malware, Russia
Security Affairs newsletter Round 563 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fintech firm Figure disclosed data breach after employee phishing attack U.S. CISA adds a flaw in…
AI, china, Global Security News
Weave’s $8K Laundry Robot Still Needs Human Help
If you were hoping for a home robot that could finally handle laundry for you, Weave Robotics has an answer — sort of. The company’s new Isaac 0 folding robot is now shipping in the Bay Area, but it can’t do the job alone. The roughly $8K device folds common garments in 30 to 90…
china, Global Security News, Network Security, Russia
Nation-State Hackers Put Defense Industrial Base Under Siege
Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors’ networks.
AI, china, Funding, Global Security News
Waymo Begins Deploying Next-Gen Ojai Robotaxis in the US
Waymo is putting its most advanced self-driving system yet on the road. The Alphabet-owned company announced on Feb. 12 that it has begun fully autonomous operations with its sixth-generation Waymo Driver system. The new fleet, built on base vehicles from Chinese automaker Geely, represents the company’s most aggressive push yet to scale its technology while…
AI, china, Data Breaches, Global Security News, Risk Management, Russia
Hackers Try to Clone Google’s Gemini With 100,000+ AI Probes
Google built Gemini to answer questions. Now attackers are using questions as lockpicks. In a surge of more than 100,000 carefully engineered prompts, threat actors have been hammering Google’s Gemini chatbot in what the company calls “model extraction” or “distillation” attacks. By systematically probing the system, adversaries attempt to reverse engineer the model’s underlying logic,…
AI, china, Global Security News, Russia
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to findings from Google Threat Intelligence Group (GTIG). The tech giant’s threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking…
AI, china, Global Security News, Network Security
Starcloud prepares to launch AWS Outpost into space
Hot on the heels of Starlink’s plan for a million data centers in space, Starcloud’s next launch will put hardware from AWS in orbit. “Starcloud will be the first to launch the Amazon Web Services (AWS) Outpost hardware to space on our second satellite launching in October,” Starcloud CEO Philip Johnston wrote in a LinkedIn…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
Google fears massive attempt to clone Gemini AI through model extraction
Google detected and blocked a campaign involving more than 100,000 prompts that it claimed were designed to copy the proprietary reasoning capabilities of its Gemini AI model, according to a quarterly threat report released by Google Threat Intelligence Group. The prompts looked like a coordinated attempt to perform model extraction or distillation, a machine-learning process…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
Google fears massive attempt to clone Gemini AI through model extraction
Google detected and blocked a campaign involving more than 100,000 prompts that it claimed were designed to copy the proprietary reasoning capabilities of its Gemini AI model, according to a quarterly threat report released by the company’s Threat Intelligence Group. The prompts looked like a coordinated attempt to perform model extraction or distillation, a machine-learning…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
Google: state-backed hackers exploit Gemini AI for cyber recon and attacks
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks aimed at stealing AI intellectual property, which Google has detected and blocked. While APT groups have not breached frontier models, private firms and researchers have tried to…
AI, APT, china, Cybersecurity, Global Security News, Government & Policy, malware, Russia, Technology
Google finds state-sponsored hackers use AI at ‘all stages’ of attack cycle
A new report from Google found evidence that state-sponsored hacking groups have leveraged AI tool Gemini at nearly every stage of the cyber attack cycle. The research underscores how AI tools have matured in their cyber offensive capabilities, even as it doesn’t reveal novel or paradigm shifting uses of the technology. John Hultquist, chief analyst…
AI, Apps, china, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
What CISOs need to know about the OpenClaw security nightmare
The new personal AI agent orchestration tool known as OpenClaw — formerly Clawdbot, then Moltbot — is a personal assistant that can do tasks for you without your personal supervision. It can operate across devices, interact with online services, trigger workflows — no wonder the GitHub repo has seen millions of visits and over 160,000…
AI, china, Data Breaches, Exploits, Global Security News, Network Security, Remote Access Security, Security, Vulnerabilities
BeyondTrust fixes critical RCE flaw in remote access tools
Companies using self-hosted versions of BeyondTrust Remote Support (RS) or Privileged Remote Access (PRA) should deploy patches for a critical vulnerability that allows attackers to execute OS commands without authentication. “Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption,” BeyondTrust said in…
AI, Apps, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management, Venture
Stop comparing safety and cybersecurity, they have very little in common
Nearly a year ago, we hosted Dug Song, the legendary founder of Duo Security, on Inside the Network. During that conversation, Dug shared a powerful analogy that has stuck with me. He explained that in aviation, a plane crashes the same way only once, or maybe twice. Whenever it happens, we get to the bottom…
AI, APT, china, Data Breaches, Don't miss, Global Security News, Hot stuff, Network Security, News
Singapore telcos breached in China-linked cyber espionage campaign
Singapore’s four major telecommunications companies were hit by a coordinated cyber espionage campaign last year, the country’s Cyber Security Agency (CSA) has revealed. An advanced persistent threat group known as UNC3886 has probed deep into the networks of M1, SIMBA Telecom, Singtel, and StarHub, spurring Singapore’s security agencies to mount a large cyber defence operation.…
AI, APT, Breaking News, china, Data Breaches, Exploits, Global Security News, Government & Policy, hacking, intelligence, Network Security, Security
China-linked APT UNC3886 targets Singapore telcos
China-linked group UNC3886 targeted Singapore’s telecom sector in a cyber espionage campaign, Singapore’s Cyber Security Agency revealed. Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA) ran Operation CYBER GUARDIAN to protect the telecom sector. Since July 2025, investigations showed China-linked UNC3886 launched a targeted campaign against all four major…
AI, ai safety, china, Cybersecurity, Europe, Exploits, Geopolitics, Global Security News, Government, Government & Policy, Politics, privacy, Risk Management, Russia
Critics warn America’s ‘move fast’ AI strategy could cost it the global market
The Trump administration has made U.S. dominance in artificial intelligence a national priority, but some critics say a light-touch approach to regulating security and safety in U.S. models is making it harder to promote adoption in other countries. White House officials have said since taking office that Trump intended to move away from predecessor Joe…
AI, china, Global Security News
China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage group known as UNC3886 targeted its telecommunications sector. “UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore’s telecommunications sector,” CSA said. “All four of Singapore’s major telecommunications operators (‘telcos’) – M1, SIMBA Telecom, Singtel, and
AI, Apps, china, Endpoint, Exploits, Global Security News, malware, Network Security, Security
DKnife targets network gateways in long running AitM campaign
A previously undocumented China-linked adversary-in-the-middle (AitM) framework known as “DKnife” has been identified operating at network gateways, where it intercepts and manipulates in-transit traffic. According to Cisco Talos’ findings, the framework has been active since at least 2019 and remains operational as of early 2026. Rather than targeting endpoints directly, DKnife is deployed at the…
china, Data Breaches, Don't miss, Enterprise, Exploits, Global Security News, Hot stuff, News
BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731)
BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging self-hosted customers to apply the patch as soon as possible. Unlike the Remote Support zero-day (CVE-2024-12356) that was flagged after having been exploited by China-nexus threat actors to breach the US Treasury…
AI, Artificial Intelligence (AI), china, Cloud Security, Commentary, Data Breaches, Exploits, Global Security News, malware, Network Security, op-ed, privacy, Risk Management
AI security’s ‘Great Wall’ problem
The Great Wall of China was built to slow northern raiders and prevent steppe armies from riding straight into the empire’s heart. Yet in 1644, its most impregnable fortress fell without a siege. At Shanhai Pass, where the wall meets the Bohai Sea, General Wu Sangui commanded the eastern gate. Behind him: a rebel army…
AI, china, Cisco Talos, Global Security News, malware, Security
China-Linked DKnife Spyware Hijacking Internet Routers Since 2019
Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks.
AI, Breaking News, china, Cybercrime, data breach, Global Security News, hacking, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting APT28 Leverages CVE-2026-21509 in Operation Neusploit Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia Analyzing Dead#Vax: Analyzing Multi-Stage VHD…
AI, Breaking News, china, Cybercrime, Cybersecurity, data breach, Data Breaches, Exploits, Global Security News, Government & Policy, hacking, malware, Network Security, Risk Management, Russia, Security
Security Affairs newsletter Round 562 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Italian university La Sapienza still offline to mitigate recent cyber attack CISA pushes Federal agencies to…
AI, Apps, Breaking News, china, Endpoint, Exploits, Global Security News, hacking, malware, Mobile, Network Security, Security
DKnife toolkit abuses routers to spy and deliver malware since 2019
DKnife is a Linux toolkit used since 2019 to hijack router traffic and deliver malware in cyber-espionage attacks. Cisco Talos found DKnife, a powerful Linux toolkit that threat actors use to spy on and control network traffic through routers and edge devices. It inspects and alters data in transit and installs malware on PCs, phones,…
china, Global Security News
China Is Going All-In to Beat the U.S. on Humanoid Robots
Elon Musk told investors that Tesla’s Optimus humanoid robot will revolutionize the world. But most of it could belong to China, he warned.
AI, Breaking News, china, cyber crime, Global Security News, Government & Policy, hacking, malware, Network Security, Security
Record-breaking 31.4 Tbps DDoS attack hits in November 2025, stopped by Cloudflare
AISURU/Kimwolf botnet hit a record 31.4 Tbps DDoS attack lasting 35 seconds in Nov 2025, which Cloudflare automatically detected and blocked. The AISURU/Kimwolf botnet was linked to a record-breaking DDoS attack that peaked at 31.4 Tbps and lasted just 35 seconds. Cloudflare said the November 2025 incident was part of a surge in hyper-volumetric HTTP…
AI, china, Cybersecurity, Global Security News, malware
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework dubbed DKnife that’s operated by China-nexus threat actors since at least 2019. The framework comprises seven Linux-based implants that are designed to perform deep packet inspection, manipulate traffic, and deliver malware via routers and edge devices. Its primary targets seem to
AI, APT, china, Cyber warfare, Exploits, Global Security News, Government & Policy, hacking, intelligence, malware
China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025
China-linked hackers tracked as Amaranth-Dragon targeted government and law enforcement agencies across Southeast Asia in 2025. CheckPoint says China-linked threat actors, tracked as Amaranth-Dragon, carried out cyber-espionage campaigns in 2025 targeting government and law enforcement agencies across Southeast Asia. The activity is linked to the APT41 ecosystem and affected countries including Thailand, Indonesia, Singapore, and…
china, cyber attack, cyber attacks, Global Security News, malware, Security
Chinese Mustang Panda Used Fake Diplomatic Briefings to Spy on Officials
A new spy campaign by Mustang Panda uses fake US diplomatic briefings to target government officials. Discover how this silent surveillance operation works.
Asia Pacific, china, Cybersecurity, Global Security News, Government, Threats, Uncategorized
Cantwell claims telecoms blocked release of Salt Typhoon report
More than a year after national security officials revealed that Chinese hackers had systematically infiltrated U.S. telecommunications networks, the top Senate Democrat on the committee overseeing the industry is calling for hearings with executives from the nation’s biggest telecom companies. In a public letter released Tuesday, Sen. Maria Cantwell, D-Wash., called for the CEOs of…
AI, Apps, Artificial Intelligence, china, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, News, Risk Management, Threats, trends
OpenClaw’s Rapid Rise Exposes Thousands of AI Agents to the Public Internet
In just days, a viral open-source AI assistant went from niche experiment to a widespread internet-facing risk. OpenClaw, a self-hosted personal AI agent capable of executing actions on a user’s behalf, saw explosive adoption in late January 2026 — along with widespread public exposure that has raised concerns among security researchers. It “… has already…
AI, Artificial Intelligence, china, cyber crime, Global Security News, Laws & Legalities
Former Google Engineer Convicted of Stealing AI Secrets for China
A 38-year-old also known as Leon Ding, was convicted on seven counts of economic espionage and seven counts of theft of trade secrets following an 11-day trial.
Asia Pacific, china, Cybercrime, Cybersecurity, Global Security News, Threats
Google’s disruption rips millions of devices out of malicious network
Millions of devices used as proxies by cybercriminals, espionage groups and data thieves have been removed from circulation following Google’s disruption of IPIDEA, a China-based residential proxy network. The reduction in available proxy devices came after Google’s Threat Intelligence Group used legal action and intelligence sharing to target the company’s domain infrastructure, Google said in…
AI, Artificial Intelligence (AI), Asia Pacific, china, Commentary, Global Security News
Cybersecurity can be America’s secret weapon in the AI race
Much of the public conversation about the U.S. “winning” the AI race with China centers exclusively on each nation’s ability to develop and implement leading AI models. But amid escalating cyber threats, the rising reality is that the race will not be won merely by the nation with the most advanced technology, but the one…
china, CryptoCurrency, cyber crime, Global Security News, Security
US Sentences Chinese National for Role in $36.9 Million Crypto Scam
A Chinese national has been sentenced for his role in a massive $36.9 million cryptocurrency scam operated from…
china, Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Cybercriminals and nation-state groups are exploiting a six-month-old WinRAR defect
Google Threat Intelligence Group warned that a diverse and growing collection of attackers, including nation-state groups and financially motivated cybercriminals, are exploiting a path-traversal vulnerability affecting WinRAR that was disclosed and patched six months ago. The high-severity vulnerability — CVE-2025-8088 — was exploited in the wild almost two weeks before RARLAB, the vendor behind the…
china, Cloud, Cybersecurity, Global Security News, malware, Security
VoidLink Malware Puts Cloud Systems on High Alert With Custom Built Attacks
Sysdig TRT analysis reveals VoidLink as a revolutionary Linux threat. Using Serverside Rootkit Compilation and Zig code, it targets AWS and Azure with adaptive stealth.
china, cyber attacks, Global Security News, malware, Security
Mustang Panda Uses Venezuela News to Spread LOTUSLITE Malware
Researchers have found a new spying campaign using news about Venezuela to trick US government officials. Learn how the LOTUSLITE virus sneaks into computers to steal secrets.
APT, Breaking News, china, Exploits, Global Security News, hacking, Security
China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug
Cisco fixed a maximum severity AsyncOS flaw in Secure Email products, previously exploited as a zero-day by China-linked APT group UAT-9686. Cisco fixed a critical AsyncOS flaw, tracked as CVE-2025-20393 (CVSS score of 10.0), affecting Secure Email Gateway and Email and Web Manager, previously exploited as a zero-day by China-linked APT group UAT-9686. Cisco detected attacks…
Asia Pacific, Breaking News, china, Global Security News, intelligence, Security
China bans U.S. and Israeli cybersecurity software over security concerns
China has told domestic firms to stop using U.S. and Israeli cybersecurity software, citing national security concerns amid rising tech tensions. Reuters reported that China has ordered domestic companies to stop using cybersecurity solutions from more than a dozen U.S. and Israeli firms, citing national security risks. Tensions remain high over China’s push in semiconductors…
china, cyber crime, Global Security News, Scams and Fraud
$15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China
Billionaire Chen Zhi and associates Xu Ji Liang and Shao Ji Hui have been extradited to China. This exclusive report details the collapse of the Prince Group’s global scam network, the seizure of $15 billion in Bitcoin, and the forced labour camps behind the billion-dollar pig butchering fraud.
Asia Pacific, Breaking News, china, Cyber warfare, Global Security News, intelligence, Security
China-linked groups intensify attacks on Taiwan’s critical infrastructure, NSB warns
Taiwan says China-linked cyberattacks on its energy sector rose tenfold in 2025, hitting critical infrastructure across nine sectors, with total incidents up 6%. Taiwan reports China-linked cyberattacks on its energy sector surged tenfold in 2025, targeting critical infrastructure across nine sectors, with total incidents up 6% YoY. Taiwan’s National Security Bureau (NSB) reports China launched…
AI, china, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Network Security, privacy, Venture
How to scam someone in seven days
Romance scammers have apparently discovered astrology… and Taurus is their secret weapon. In episode 449 of “Smashing Security”, we take a look inside an actual romance-fraud handbook – complete with scripts, personality “types”, corporate jargon, and a seven-day plan to get victims from hello to hand over the crypto. Then Lesley “hacks4pancakes” Carhart delivers a…
