GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft
Cybersecurity researchers have attributed the April 2026 DigiCert security incident to a threat activity cluster dubbed CylindricalCanine
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Cybersecurity researchers have attributed the April 2026 DigiCert security incident to a threat activity cluster dubbed CylindricalCanine
Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and certificate data. The attacks are designed to target Microsoft Internet Information Services (IIS) servers, with most of the infections reported in India, Thailand
A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities across the globe to advance Beijing's strategic interests
Chinese crew built 1,000+ device network that runs on home devices then targets critical infrastructure A stealthy, ongoing campaign to gain long-term access to networks bears all the markings of intrusions conducted by China’s ‘Typhoon’ crews and has infected at least 1,000 devices, primarily in the US and South East, according to Security Scorecard's Strike threat intel analysts. And it uses a phony certificate purportedly signed by the Los Angeles police department to try and gain access to critical infrastructure.…
A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection
The China-aligned APT (advanced persistent threat) group known as 'Bronze Starlight' was seen targeting the Southeast Asian gambling industry with malware signed using a valid certificate used by the Ivacy VPN provider. [...]
Lookout attributed WyrmSpy and DragonEgg to APT41 due to overlapping Android signing certificates
Using open source tools, attackers target Chinese speakers with malicious drivers with expired certificates, potentially allowing for full system takeover.
Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy loophole. [...]
A Microsoft Windows policy loophole has been observed being exploited primarily by native Chinese-speaking threat actors to forge signatures on kernel-mode drivers
Access to digital certificates would allow the Chinese-speaking espionage group to sign its custom malware and skate by security scanners.
A suspected Chinese state-sponsored actor breached a digital certificate authority as well as government and defense agencies located in different countries in Asia as part of an ongoing campaign since at least March 2022
Telecommunications and IT service providers in the Middle East and Asia are being targeted by a previously undocumented Chinese-speaking threat group dubbed WIP19
The group is characterized by the use of a stolen digital certificate issued by DEEPSoft