china
FBI warns against using Chinese mobile apps due to privacy risks
The U.S. Federal Bureau of Investigation (FBI) warned Americans against using foreign-developed mobile applications, particularly those created by Chinese developers. In a public service announcement (PSA) issued via its Internet Crime Complaint Center (IC3) platform this Tuesday, the FBI warned of privacy and data security risks associated with these apps. “As of early 2026, many […]
Europe sanctions Chinese and Iranian firms for cyberattacks
The Council of the European Union has sanctioned three Chinese and Iranian companies and two individuals for cyberattacks targeting devices and critical infrastructure. One of the two sanctioned Chinese companies, identified as Integrity Technology Group, provided “technical and material support” between 2022 and 2023 that led to hacking more than 65,000 devices in six EU […]
Chinese state hackers target telcos with new malware toolkit
A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge devices. According to Cisco Talos researchers, the adversary is closely associated with the FamousSparrow and Tropic Trooper hacker groups, but is tracked as a separate activity cluster. This assessment has high confidence and is […]
CISA orders feds to patch actively exploited Dell flaw within 3 days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems within three days against a maximum-severity Dell vulnerability that has been under active exploitation since mid-2024. According to security researchers from Mandiant and the Google Threat Intelligence Group (GTIG), this hardcoded-credential vulnerability (CVE-2026-22769) in Dell’s RecoverPoint (a solution used for VMware virtual machine backup and […]
Texas sues TP-Link over Chinese hacking risks, user deception
Texas sued networking giant TP-Link Systems, accusing the company of deceptively marketing its routers as secure while allowing Chinese state-backed hackers to exploit firmware vulnerabilities and access users’ devices. The lawsuit follows an investigation launched in October and claims that TP-Link misled buyers by labeling its products “Made in Vietnam” while sourcing nearly all components from China. According […]
Chinese hackers exploiting Dell zero-day flaw since mid-2024
A suspected Chinese state-backed hacking group has been quietly exploiting a critical Dell security flaw in zero-day attacks that started in mid-2024. Security researchers from Mandiant and the Google Threat Intelligence Group (GTIG) revealed today that the UNC6201 group exploited a maximum-severity hardcoded-credential vulnerability (tracked as CVE-2026-22769) in Dell RecoverPoint for Virtual Machines, a solution used for VMware […]
Chinese cyberspies breach Singapore’s four largest telcos
The Chinese threat actor tracked as UNC3886 breached Singapore’s four largest telecommunication service providers, Singtel, StarHub, M1, and Simba, at least once last year. The hackers also gained limited access to critical systems but did not pivot deep enough to disrupt services. In response to the intrusions, which were disclosed in July 2025, Singapore deployed […]
DKnife Linux toolkit hijacks router traffic to spy, deliver malware
A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campaigns. The framework serves as a post-compromise framework for traffic monitoring and adversary-in-the-middle (AitM) activities. It is designed to intercept and manipulate traffic destined for endpoints (computers, mobile devices, IoTs) on the network. […]
Notepad++ update feature hijacked by Chinese state hackers for months
Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today. The attackers intercepted and selectively redirected update requests from certain users to malicious servers, serving tampered update manifests by exploiting a security gap in the Notepad++ update […]
U.S. convicts ex-Google engineer for sending AI tech data to China
A U.S. federal jury has convicted Linwei Ding, a former software engineer at Google, for stealing AI supercomputer data from his employer and secretly sharing it with Chinese tech firms. Ding was originally indicted in March 2024 after he lied and didn’t sincerely cooperate with Google’s internal investigation, leading to his arrest in California. According to the […]