11 Jul, 2026

CISA says recent government hack limited to US Treasury

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that the Treasury Department breach disclosed last week did not impact other federal agencies. “At this time, there is no indication that any other federal agencies have been impacted by this incident,” CISA said. “CISA continues to monitor the situation and coordinate with relevant federal authorities to […]

1 min read

Chinese hackers also breached Charter and Windstream networks

More U.S. companies have been added to the list of telecommunications firms hacked in a wave of breaches by a Chinese state-backed threat group tracked as Salt Typhoon. This comes after AT&T, Verizon, and Lumen confirmed on December 30 that they have evicted the hackers from their networks. After breaching their networks, the Salt Typhoon hackers gained access […]

2 mins read

US sanctions Chinese company linked to Flax Typhoon hackers

​The U.S. Treasury Department has sanctioned Beijing-based cybersecurity company Integrity Tech for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. As the Treasury’s Office of Foreign Assets Control (OFAC) said on Friday, the Chinese state-sponsored hackers used the company’s infrastructure to launch attacks targeting networks of victims in Europe and […]

3 mins read

Chinese hackers targeted sanctions office in Treasury attack

​Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions programs. OFAC was created in December 1950, blocking all Chinese and North Korean assets under U.S. jurisdiction after China entered the Korean War. In a letter sent to Congress this […]

2 mins read

US Treasury Department breached through remote support platform

Chinese state-sponsored threat actors hacked the U.S. Treasury Department after breaching a remote support platform used by the federal agency. In a letter sent to lawmakers and seen by the New York Times, the Treasury Department warned lawmakers it was first notified of the breach on December 8th by its vendor BeyondTrust. BeyondTrust is a privileged […]

2 mins read

AT&T and Verizon say networks secure after Salt Typhoon breach

AT&T and Verizon confirmed they were breached in a massive Chinese espionage campaign targeting telecom carriers worldwide but said the hackers have now been evicted from their networks. “We have not detected threat actor activity in Verizon’s network for some time, and after considerable work addressing this incident, we can report that Verizon has contained the activities […]

2 mins read

White House links ninth telecom breach to Chinese hackers

A White House official has added a ninth U.S. telecommunications company to the list of telecoms breached in a Chinese hacking campaign that impacted dozens of countries. The Salt Typhoon Chinese cyber-espionage group who orchestrated these attacks (also tracked as Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286) is known for breaching government entities and telecom companies […]

2 mins read

US considers banning TP-Link routers over cybersecurity risks

The U.S. government is considering banning TP-Link routers starting next year if ongoing investigations find that their use in cyberattacks poses a national security risk. According to a Wall Street Journal report, the U.S. Departments of Justice, Commerce, and Defense are looking into the issue, with at least one Commerce Department office having already subpoenaed the […]

2 mins read

FBI spots HiatusRAT malware attacks targeting web cameras, DVRs

The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. As a private industry notification (PIN) published on Monday explains, the attackers focus their attacks on Chinese-branded devices that are still waiting for security patches or have already reached the end […]

2 mins read

Winnti hackers target other threat actors with new Glutton PHP backdoor

The Chinese Winnti hacking group is using a new PHP backdoor named ‘Glutton’ in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. Chinese security firm QAX’s XLab discovered the new PHP malware in late April 2024, but evidence of its deployment, along with other files, dates back to […]

3 mins read