Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation
Description: The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a "multi-month law enforcement operation." PlugX, also known as Korplug, is a remote access trojan (RAT) widely used by threat actors associated with the People's Republic of China (PRC
Source: TheHackerNews
January 15th, 2025 (5 months ago)
As Tensions Mount With China, Taiwan Sees Surge in Cyberattacks
Description: In 2024, the Taiwanese government saw the daily average of attempted attacks by China double to 2.4 million, with a focus on government targets and telecommunications firms.
Source: Dark Reading
January 15th, 2025 (5 months ago)
China's UNC5337 Exploits a Critical Ivanti RCE Bug, Again
Description: New year, same story. Despite Ivanti's commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the nth time.
Source: Dark Reading
January 10th, 2025 (5 months ago)
Akamai to quit its CDN in China, seemingly not due to trouble from Beijing
Source: TheRegister
January 9th, 2025 (5 months ago)
Japanese police claim China ran five-year cyberattack campaign targeting local orgs
Source: TheRegister
January 9th, 2025 (5 months ago)
MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan
Description: Japan's National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019. The primary objective of the attack campaign is to steal information related to Japan's national
Source: TheHackerNews
January 9th, 2025 (5 months ago)
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks
Description: A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.
Source: TheHackerNews
January 8th, 2025 (5 months ago)
China's Salt Typhoon Adds Charter, Windstream to Telecom Victim List
Description: These latest attacks follow a long string of cyberattacks and breaches targeting US and global telecom and ISP companies.
Source: Dark Reading
January 6th, 2025 (5 months ago)
Charter and Windstream Join List of U.S. Telcos Hacked by China
Description: Chinese state-sponsored hacking group Salt Typhoon also hacked Charter Communications and Windstream Holdings. The revelation, which was made in an exclusive Wall Street Journal report, marks a significant escalation in a campaign targeting America’s critical communications infrastructure, now encompassing nine major telecom providers. The breach, linked to Chinese intelligence operatives, exploited unpatched vulnerabilities and weak … The post Charter and Windstream Join List of U.S. Telcos Hacked by China appeared first on CyberInsider.
Source: CyberInsider
January 6th, 2025 (5 months ago)
EagerBee Backdoor Takes Flight Against Mideast ISPs, Government Targets
Description: The malware, operated by China-backed cyberattackers, has been significantly fortified with new evasive and post-infection capabilities.
Source: Dark Reading
January 6th, 2025 (5 months ago)