Chinese LLMs Broaden the Gap Between Attackers & Defenders
Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried?
Stay updated with the latest information security trends, threats, and strategies emerging from China. Discover how China shapes global cybersecurity.
Search across headline titles and summaries.
Background for this topic.
China covers cybersecurity and information-security developments connected to China, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving China's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
Weekly headline count for the current query.
Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried?
The group compromised at least 10 regional organizations, including two state-owned entities, and deployed a new backdoor.
Nation-state attackers breach water systems through weak passwords, exposed PLCs, and poor segmentation — not sophisticated malware.
FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in Honduras, Taiwan, Thailand, and Pakistan.
Google discovered and disrupted the sprawling campaign, which stole RedCAP credentials to breach numerous institutions and exfiltrate sensitive data.
North Korea's gross domestic product (GDP) has grown, in part because of the nation's state-sponsored cybercrime groups, which target financial firms and other businesses.
One of the world's most diverse, least-focused cybercrime groups is enlarging its footprint beyond East Asia.
China-linked espionage groups have attacked at least a dozen nations in the region, gathering information on maritime shipping, oil production, and other geopolitical interests.
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
"Showboat" doesn't show off, but clearly it doesn't need to, as it's long helped China spy on small market communications providers.
The cyberthreat group targets an Azerbaijani oil and gas firm with repeated attacks, as the China-linked actors extend targeting beyond hospitality, telecom, and government sectors.
More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware.
The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in tools, victimology, and TTPs.
The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.
China's state-backed groups are now using covert networks of compromised devices to execute attacks in a low-cost, low-risk, and deniable way.
China is spying on India's financial sector, for some reason, and it's not putting much effort into it, judging by some stale TTPs.
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.
Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.
These rulings prohibit the entities from entering or doing business in the European Union.