A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. The activity is being tracked by Cisco Talos under the moniker UAT-8302, with post-exploitation involving the deployment of custom-made malware families that have…
Tag: Chinanexus
AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security
TrueConf zero-day vulnerability exploited to target government networks
Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered. Malicious client update attack chain (Source: Check Point) Trusted update mechanism turned into attack vector TrueConf is a videoconferencing platform designed to run on private local networks (LANs)…
AI, china, Global Security News, Government & Policy, Network Security
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments, has been attributed to Red Menshen, a threat cluster that’s also tracked as Earth Bluecrow,
AI, china, Global Security News
China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage group known as UNC3886 targeted its telecommunications sector. “UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore’s telecommunications sector,” CSA said. “All four of Singapore’s major telecommunications operators (‘telcos’) – M1, SIMBA Telecom, Singtel, and
AI, china, Cisco Talos, Global Security News, malware, Security
China-Linked DKnife Spyware Hijacking Internet Routers Since 2019
Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks.
AI, china, Cisco Talos, Global Security News, malware, Security
China-Linked DKnife Spyware Hijacking Internet Routers Since 2019
Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks.
AI, china, Cisco Talos, Global Security News, malware, Security
China-Linked DKnife Spyware Hijacking Internet Routers Since 2019
Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks.