A New Chinese APT Takes the Stage
Active since at least 2022, UAT-7290 demonstrates a significant capacity for conducting deep-seated espionage while simultaneously functioning as an initial access group.
All topics
China
4 Posts
VMware Patches Bug Exploited By State Actors
The vulnerability (CVE-2025-41244) is easily exploitable, although it requires existing privileges on the target product.
US Gov Links Private Chinese Firms to Salt Typhoon Hacks
Salt Typhoon has not been observed exploiting zero-day flaws, but instead targeting known bugs in exposed network edge devices - some of which are years old.
Chinese Attackers Target SharePoint CVE-2025-53770
Three separate Chinese threat groups are exploiting a set of recently disclosed vulnerabilities in on-premises Microsoft SharePoint installations, and Microsoft and CISA are urging companies that haven’t yet updated their installations to do so as quickly as possible. Microsoft first published information about the two flaws (CVE-2025-53770 and CVE-2025-53771) on July 19 after seeing active […]