Hackers exploit Roundcube flaw to spy on academic researchers
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. [...]
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' web management interfaces, the CERT Coordination Center (CERT/CC) warned Monday
A critical security issue in a popular endpoint manager (CVE-2025-61932) allowed Chinese state-sponsored attackers to backdoor Japanese businesses.
Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year
The hackers are likely trying to collect data to feed the development of zero-day exploits, said Google researchers
NVISO discovered new variants of the BRICKSTORM backdoor, initially designed for Linux, on Windows systems
PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more! Infosec In Brief Fortinet last week admitted that attackers have found new ways to exploit three flaws it thought it had fixed last year.…
Malware Exploits Cybercrime Ecosystem for ProfitHackers are using a variant of a backdoor that's the hallmark of a Chinese threat actor suspected of ties to Beijing in order to target the cybercriminal underground. The malware t "shares near-complete similarity" with the a backdoor exclusively used by the Winnti Group.
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa
The emerging threat actor, potentially a Chinese state-sponsored APT, is using the known exploit kit Moonshine in cross-platform attacks that deliver a previously undisclosed backdoor called "DarkNimbus" to ethnic minorities, including Tibetans.
A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace
The notorious APT15 used common malware tools and a third-generation custom 'Graphican' backdoor to continue its information gathering exploits, this time against foreign ministries.
The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems
An unknown Chinese-speaking threat actor has been targeting betting companies in Taiwan, Hong Kong, and the Philippines, leveraging a vulnerability in WPS Office to plant a backdoor on the targeted systems. [...]