China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years
Researchers uncovered an extensive cyber espionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Researchers uncovered an extensive cyber espionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets.
Chinese cyberattacks on Taiwan's critical infrastructure — including energy utilities and hospitals — rose 6% in 2025, averaging 2.63 million attacks a day.
Tidrone concentrated on military entities and the satellite sector, using their associated service providers and ERP software to infect not just drones but all the entities that are part of their supply chains.
Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe.
The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon.
The sprawling social media and gaming platform says that being considered a Chinese military business must be a mistake.
Integrity Technology Group was found complicit with Flax Typhoon as part of a broader Chinese strategy to infiltrate the IT systems of US critical infrastructure.
New Fortress Information Security research shows 90% of software products used by critical infrastructure organizations contain code developed in China.
The Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally.
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Inside China's civilian hacker army; outer space threats; and NIST 2.0 Framework secrets for success.
Following the Volt Typhoon attacks on critical infrastructure in the region by China, the US reportedly will share cybersecurity threat information with both countries.
The China-backed APT that's been trying to set itself up inside US critical infrastructure for the purpose of disrupting physical processes is deploying a similar playbook in Africa.
Dutch military intelligence warns that new malware, called "Coathanger," was found in multiple FortiGate devices during an incident response, and that Chinese-state actors are using the persistent RAT for espionage.
Volt Typhoon is positioning itself to physically disrupt and cripple US critical infrastructure by gaining access to operational technology networks in the energy, water, communications, and transportation sectors, according to CISA.
The China-backed APT was using the botnet, made up of mostly end-of-life, patchless routers from Cisco and Netgear, to set up shop inside US critical infrastructure.
Threat actors linked to the People's Republic of China, such as Volt Typhoon, continue to "pre-position" themselves in the critical infrastructure of the United States, according to military and law enforcement officials.
The China-linked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says.
The Chinese state-sponsored APT has compromised as many as 30% of Cisco legacy routers on a SOHO botnet that multiple threat groups use.
China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea.
Escalating incursions into military base infrastructure, telecom networks, utilities, and more signal that Beijing is laying the groundwork for mass disruption.