PlugX Archives • Daily CyberSecurity

From Taiwan to Tehran: How TA416 Pivots its PlugX Backdoor to Global Flashpoints TA416 PlugX Backdoor

From Taiwan to Tehran: How TA416 Pivots its PlugX Backdoor to Global Flashpoints

Do Son April 8, 2026

A new intelligence report from Proofpoint reveals that TA416, a sophisticated threat actor aligned with Chinese state...

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX

Do Son March 10, 2026

Following recent regional escalations, researchers have identified a sharp increase in activity from Chinese-nexus APT (Advanced Persistent...

Unmasking the Shadows: A Global Hunt for PlugX Staging Infrastructure Mustang Panda C2 Procurement

Unmasking the Shadows: A Global Hunt for PlugX Staging Infrastructure

Do Son March 6, 2026

A new investigative report from threat researcher @goyaramen has shed light on a sophisticated C2 procurement strategy...

Chinese APT UNC6384 Pivots to Europe, Exploits Windows LNK Flaw to Deploy PlugX via Canon DLL Sideloading UNC6384 PlugX, LNK Exploit

Chinese APT UNC6384 Pivots to Europe, Exploits Windows LNK Flaw to Deploy PlugX via Canon DLL Sideloading

Do Son November 3, 2025

Researchers at Arctic Wolf Labs have uncovered an extensive cyber espionage campaign by UNC6384, a Chinese-affiliated threat...

Chinese APT Launches Spearphishing Campaign, Using Fake Cloudflare Lure to Deliver PlugX Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Chinese APT Launches Spearphishing Campaign, Using Fake Cloudflare Lure to Deliver PlugX Malware

Do Son October 7, 2025

A new report from StrikeReady Labs has revealed a sophisticated spear-phishing campaign targeting European governmental and aviation...

Cisco Uncovers New PlugX Backdoor Linked to Chinese APTs CVE-2024-41988 & CVE-2024-41987

Cisco Uncovers New PlugX Backdoor Linked to Chinese APTs

Do Son September 24, 2025

Researchers at Cisco Talos have uncovered a long-running espionage campaign active since 2022, targeting the telecommunications and...

BadIIS Malware : 35+ IIS Servers Compromised in DragonRank Campaign DragonRank - BadIIS malware

BadIIS Malware : 35+ IIS Servers Compromised in DragonRank Campaign

Do Son September 15, 2024

A recent report from Cisco Talos has exposed a new threat actor named DragonRank, a Chinese-speaking group...

Earth Preta’s Cyber Arsenal Expands: New Malware and Strategies Target APAC Governments

Do Son September 10, 2024

A new report from Trend Micro has revealed that Earth Preta, the notorious cyber espionage group, has...

France Leads International Effort to Eradicate PlugX Trojan from 3,000 Systems

Do Son July 26, 2024

A large-scale operation to remove the PlugX trojan from infected devices has commenced in six countries. This...

Urgent Security Alert: HFS Servers Under Attack, Patch Now! HFS Servers Attack

Urgent Security Alert: HFS Servers Under Attack, Patch Now!

Do Son July 3, 2024

The AhnLab Security Intelligence Center (ASEC) has issued a critical warning for all users of HTTP File...

China-Linked Mustang Panda Targets Vietnamese Entities in Cyber Espionage Campaign

Do Son June 10, 2024

Vietnamese organizations and individuals have become the latest targets of Mustang Panda, a notorious Chinese cyber espionage...

PlugX malware: The Enigma of Cyber Espionage Unveiled LokiBot Steganography, .NET Loader PlugX malware YiBackdoor, ransomware

PlugX malware: The Enigma of Cyber Espionage Unveiled

Do Son December 11, 2023

In the shadowy world of cyber threats, PlugX stands out as a sophisticated and insidious malware, leaving...

Higaisa Hacker Targets Chinese Users with Deceptive OpenVPN Clone

Do Son October 30, 2023

Cybersecurity researchers at Cyble have issued warnings about a fresh wave of attacks targeting Chinese internet users,...

Critical Alert 1 Active Exploit Detected Today