Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
IPany VPN breached in supply-chain attack to push custom malware
Description: South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company's VPN installer to deploy the custom 'SlowStepper' malware. [...]
Source: BleepingComputer
January 22nd, 2025 (5 months ago)
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
Description: A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET. "The attackers replaced the legitimate installer with one that also deployed the group's signature implant that we have named SlowStepper – a
Source: TheHackerNews
January 22nd, 2025 (5 months ago)
Hackers game out infowar against China with the US Navy
Source: TheRegister
January 20th, 2025 (5 months ago)
US Ban on Automotive Components Could Curb Supply Chain
Description: The US Department of Commerce will prohibit the import of components for connected vehicles from China or Russia, as the US continues to ban technology it sees as potential national security threats.
Source: Dark Reading
January 20th, 2025 (5 months ago)
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
Description: The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. "People's Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including the recent
Source: TheHackerNews
January 18th, 2025 (5 months ago)
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
Description: Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China. The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data
Source: TheHackerNews
January 17th, 2025 (5 months ago)
GDPR complaints filed against TikTok, Temu for sending user data to China
Description: Non-profit privacy advocacy group "None of Your Business" (noyb) has filed six complaints against TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi, for unlawfully transferring European user's data to China and infringing European Union's general data protection regulation (GDPR). [...]
Source: BleepingComputer
January 16th, 2025 (5 months ago)
GDPR Complaints Filed Against TikTok, Xiaomi, Over Data Transfers
Description: European privacy advocacy group noyb has filed six General Data Protection Regulation (GDPR) complaints against major Chinese tech companies, including TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi, for allegedly transferring Europeans' personal data to China in violation of EU law. The complaints, lodged in five different countries, argue that China's authoritarian surveillance state lacks adequate … The post GDPR Complaints Filed Against TikTok, Xiaomi, Over Data Transfers appeared first on CyberInsider.
Source: CyberInsider
January 16th, 2025 (5 months ago)
China's Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says
Source: TheRegister
January 15th, 2025 (5 months ago)
miyako Claims to be Selling an Unidentified Telecom Data Center in China
Description: miyako Claims to be Selling an Unidentified Telecom Data Center in China
Source: DarkWebInformer
January 15th, 2025 (5 months ago)