Chinese APT Archives • Daily CyberSecurity

Twill Typhoon Exploits CDN Masquerading and DLL Sideloading to Breach APJ Networks Twill Typhoon DLL Sideloading

Twill Typhoon Exploits CDN Masquerading and DLL Sideloading to Breach APJ Networks

Ddos May 22, 2026

CL-UNK-1068: The Stealthy Chinese Threat Actor Haunting Asian Infrastructure CL-UNK-1068 Chinese APT

CL-UNK-1068: The Stealthy Chinese Threat Actor Haunting Asian Infrastructure

Ddos March 11, 2026

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX

Ddos March 10, 2026

CISA Alert: Chinese Hackers Weaponize CVSS 10 Cisco Zero-Day & SonicWall Exploit Chains CISA KEV Update, Cisco Zero-Day KEV Vulnerabilities

CISA Alert: Chinese Hackers Weaponize CVSS 10 Cisco Zero-Day & SonicWall Exploit Chains

Ddos December 18, 2025

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

Cisco Zero-Day Siege: Chinese Group UAT-9686 Deploys ‘Aqua’ Malware via CVSS 10 Root Exploit

Ddos December 18, 2025

Chinese APT UNC6384 Pivots to Europe, Exploits Windows LNK Flaw to Deploy PlugX via Canon DLL Sideloading UNC6384 PlugX, LNK Exploit

Chinese APT UNC6384 Pivots to Europe, Exploits Windows LNK Flaw to Deploy PlugX via Canon DLL Sideloading

Ddos November 3, 2025

Symantec Exposes Chinese APT Overlap: Zingdoor, ShadowPad, and KrustyLoader Used in Global Espionage Chinese APT Overlap, Zingdoor ShadowPad

Symantec Exposes Chinese APT Overlap: Zingdoor, ShadowPad, and KrustyLoader Used in Global Espionage

Ddos October 23, 2025

Chinese APT Launches Spearphishing Campaign, Using Fake Cloudflare Lure to Deliver PlugX Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Chinese APT Launches Spearphishing Campaign, Using Fake Cloudflare Lure to Deliver PlugX Malware

Ddos October 7, 2025

Phantom Taurus: New Chinese APT Emerges with Fileless NET-STAR Backdoor Targeting Global Governments and Telecoms

Ddos October 1, 2025

Zero-Day PoC Published: Privilege Escalation Flaw in VMware Tools Used by Chinese APT

Ddos September 30, 2025

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EggStreme: New Fileless Malware from a Chinese APT Targets Philippine Military

Ddos September 12, 2025

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups Chinese APT, cyber espionage

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups

Ddos August 28, 2025

Inside UAT-7237, a Chinese APT Group Targeting Taiwan Chinese APT, cyberespionage

Inside UAT-7237, a Chinese APT Group Targeting Taiwan

Ddos August 18, 2025

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software DeedRAT, Chinese Cyberattack

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software

Ddos July 22, 2025

Critical 0-Day: Cityworks Flaw Actively Exploited by Chinese APT UAT-6382

Ddos May 22, 2025

Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

Ddos December 11, 2024

Chinese APTs Shift Tactics to Evade Detection and Maintain Stealth Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Chinese APTs Shift Tactics to Evade Detection and Maintain Stealth

Ddos November 21, 2024

Chinese APT Stately Taurus Exploits Visual Studio Code in Cyberespionage Attacks The observed connection between Listener.bat of Stately Taurus and ShadowPad

The observed connection between Listener.bat of Stately Taurus and ShadowPad

Chinese APT Stately Taurus Exploits Visual Studio Code in Cyberespionage Attacks

Ddos September 9, 2024

Chinese APTs Target ASEAN Entities, Stealing Sensitive Diplomatic and Economic Data axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Chinese APTs Target ASEAN Entities, Stealing Sensitive Diplomatic and Economic Data

Ddos March 26, 2024

Unit 42’s Discovery: Chinese APT’s Strategic Targeting in Cambodia

Ddos November 8, 2023

Critical Alert 1 Active Exploit Detected Today