Chinese hackers linked to the advanced persistent threat actor UNC6508 breached North American research facilities via web applications and evaded detection for over a year.
Hackers used sophisticated techniques and leveraged a commercial internet service provider vendor’s infrastructure to breach FBI surveillance systems, something both Chinese and Russian state-backed threat actors are notorious for doing. It is unclear at this point which of the numerous Chinese hacking groups may have been involved with the security breach.
A long-term Chinese cyber espionage operation that has been active since at least 2017 and has a count of at least 53 victims has been substantially disrupted, according to the Google Threat Intelligence Group (GTIG) and Mandiant.
A new report from Google Threat Intelligence Group (GTIG) and Mandiant warns of a zero-day vulnerability present in Dell RecoverPoint for Virtual Machines since 2024, and that has been actively exploited by Chinese hackers for at least that long.
Security researchers believe that Chinese hackers are to blame for the attack in part because of the "selective" nature of the targets that were chosen for follow-on compromise via malicious software updates. Notepad++ is a free and broadly popular piece of software that is thought to have tens of millions of users worldwide.
A new warning documents an ongoing campaign by Chinese hackers making use of the sophisticated BRICKSTORM malware to target public sector organizations and IT companies for long-term espionage purposes. The average dwell time for these documented breaches is a little over a year.
The Salt Typhoon state-sponsored hackers were able to maintain a footing in a state National Guard unit for nine months and use this position to intercept traffic from other national guard networks in all 50 states as well as at least four US territories.
Microsoft Threat Intelligence warns that the Chinese state-linked threat actor Silk Typhoon is targeting the IT supply chain to compromise primary organizations and access their downstream customers.
The Chinese hackers were able to dwell for at least several months in 2023 and captured about 5% to 10% of all of the emails sent by the Belgian State Intelligence Service during that time.
A recent breach of the US Treasury yielded access to Secretary Janet Yellen's computer along with those of two of her lieutenants, according to inside sources speaking to Bloomberg News reporters.










