China-linked hackers plant stealth malware deep in global telecom networks: Report - Yes Punjab News Report warns of China-linked hackers using stealth malware like BPFdoor to infiltrate global telecom networks for long-term espionage.

China-linked hackers plant stealth malware deep in global telecom networks: Report yespunjab.com?p=233499

#CyberSecurity #ChinaHackers #BPFdoor #TelecomSecurity #CyberThreat #Rapid7 #DataSecurity #GlobalTech #Hacking #DigitalEspionage #TechNews #BreakingNews

China-Linked Hackers Exploit Middle East Conflict to Launch Cyberattacks on Qatar   A recent investigation by Check Point Research has uncovered a surge in cyberattacks targeting Qatar, orchestrated by China-linked threat actors such as the Camaro Dragon group. These campaigns are cleverly disguised as breaking news related to escalating tensions in the Middle East, allowing attackers to lure unsuspecting victims. The attacks began on March 1, 2026, immediately following the launch of Operation Epic Fury. This timing highlights how quickly cyber espionage groups adapt to global developments, weaponizing real-time events to enhance the credibility of their phishing attempts. Researchers observed that hackers distributed malicious files masquerading as urgent news updates. One such file was labeled “The destruction caused by an Iranian missile strike around the US base in Bahrain.” By leveraging heightened public interest during crises, attackers significantly increased the likelihood of user interaction. Once opened, the file initiates a complex infection chain. It connects to a compromised server to retrieve additional payloads and employs DLL hijacking techniques to embed malware within legitimate software. In this case, attackers used the trusted Baidu NetDisk application to secretly deploy the PlugX backdoor. This malware enables attackers to steal sensitive files, log keystrokes, and capture screenshots. Investigators also found that the campaign used a decryption key labeled “20260301@@@,” linking it to earlier operations targeting Turkey’s military in late December—indicating a shift in focus rather than entirely new tactics. Beyond military-themed lures, attackers also targeted Qatar’s critical oil and gas infrastructure. A password-protected archive titled “Strike at Gulf oil and gas facilities.zip” was used to deliver malicious payloads. The content inside reportedly included low-quality, AI-generated material impersonating official Israeli sources to appear legitimate. In a sophisticated twist, the attackers concealed malicious code within components of NVDA, a widely trusted accessibility tool. This approach helps evade detection by security systems. The ultimate objective was to deploy Cobalt Strike—a legitimate tool often used by cybersecurity professionals, but frequently abused by threat actors to map networks and facilitate deeper intrusions. According to researchers, these intrusions “highlight how rapidly China-nexus espionage actors can pivot” in response to global developments. By blending malicious activity with fast-moving crisis communications, attackers aim to operate undetected while collecting strategic intelligence. China-linked groups are not the only actors exploiting the current geopolitical climate. Another hacking group, MuddyWater, has also been observed targeting U.S. and Israeli entities using a newly identified malware strain known as DinDoor, further intensifying the cyber threat environment surrounding the conflict.

China-Linked Hackers Exploit Middle East Conflict to Launch Cyberattacks on Qatar #CamaroDragon #ChinaHackers #CobaltStrikeattack

China's Salt Typhoon hackers broke into Norwegian companies | TechCrunch Norway's government accused China’s Salt Typhoon hacking group of conducting a cyberespionage campaign in the country.

China’s Salt Typhoon hackers broke into Norwegian companies #Technology #Cybersecurity #ChinaHackers #CyberThreats #DataBreach

techcrunch.com/2026/02/06/chinas-salt-t...

CISA uncovers BRICKSTORM backdoor used by Chinese state-sponsored hackers to infiltrate U.S. systems. #CyberSecurity #BRICKSTORM #APT #ChinaHackers #CISA Link: thedailytechfeed.com/chinese-hack...

Log4j to IIS China's Hackers Turn Legacy Bugs into Global Espionage Tools exploitation were successful read more about From Log4j to IIS China's Hackers Turn Legacy Bugs into Global Espionage Tools

From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools reconbee.com/log4j-to-iis...

#Log4j #IIS #chinahackers #chinesehackers #legacybugs #globalespionagetools #cyberattack

CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks mid-October 2024 read more about CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks

CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks reconbee.com/cisa-flags-v...

#CISA #VMware #zerodayexploit #chinahackers #chinesehackers #hacking #hacked #cyberattack

🚨 Menace cyber majeure en Asie : PlugX et Bookworm ciblent les télécoms. Nouveaux algorithmes de chiffrement et techniques d'évasion sophistiquées. #Cybersécurité #APT #ChinaHackers #PlugX #Bookworm lynxintel.io/menaces-plugx-et-bookwor...

Microsoft has issued a critical warning about Chinese state-backed hackers exploiting security flaws in its SharePoint software, targeting government agencies and private organizations worldwide.

#Microsoft #CyberSecurity #SharePoint #DataBreach #ChinaHackers

Chinese hackers breach more US telecoms via unpatched Cisco routers China's Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices.

🚨 Chinese hackers strike again! Salt Typhoon breached multiple U.S. telecoms via unpatched Cisco routers, exploiting CVE-2023-20198 & CVE-2023-20273. Experts warn: Patch now! 🛡️

🔗 https://buff.ly/3Qhvam4

@BleepinComputer @RecordedFuture @CiscoSecure
#CyberSecurity #ThreatIntel #ChinaHackers

US Treasury says Chinese hackers stole documents in 'major incident' Chinese state-sponsored hackers broke into the U.S. Treasury Department earlier this month and stole documents from its workstations, according to a letter to lawmakers that was provided to Reuters on Monday.

Chinese state-sponsored hackers accessed unclassified Treasury documents via a compromised BeyondTrust key. Treasury calls it a "major incident," working with CISA & FBI. Beijing denies involvement. #CyberSecurity #APT #ChinaHackers www.reuters.com/technology/c...

#ChinaHackers

FBI warns against using two-factor text authentication In a new memo, the agency said SMS for authentication codes is “not phishing-resistant.”

Don't fall for it ... protect yourselves!
#ChinaHackers

www.newsnationnow.com/business/tec...

Chinese Hacker Indicted for Global Firewall Attacks – $10M Reward Offered! - #WorldEye

youtu.be/R8XSOl37Cxw

#HackerIndictment #Cybersecurity #FirewallHacking #Sophos #CyberAttack #USRewards #ChinaHackers #DataTheft #Malware #SichuanSilence #FBI #CyberCrime #GlobalHacking #TechSecurity