Chinese Hackers Exploit Web Hosting Infrastructure for Cyberattacks

Threat Score:
63
GB Hackers
15 hours ago

Overview

Chinese Hackers Exploit Web Hosting Infrastructure for Cyberattacks Cisco Talos researchers have uncovered a sophisticated Chinese-speaking advanced persistent threat (APT) group, designated UAT-7237, that has been actively targeting web hosting infrastructure in Taiwan since at least 2022. The group demonstrates significant operational overlaps with previously identified threat actor UAT-5918, suggesting coordinated activities under a broader threat umbrella while employing distinct tactics to ...

Related Articles

5 articles
2

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

The Hacker News 14 hours ago

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications," Hunt.iosaidin a report. ERMAC wasfirst documentedby ThreatFabric in September 2021, detailing its ability to cond

Score
75
Read more
3

Government papers found in an Alaskan hotel reveal new details of Trump-Putin summit

Databreaches 5 hours ago

For the “No need to hack when it’s leaking” and the “our government is our insider threat” files, Chiara Eisner of NPR reports: Papers with U.S. State Department markings, found Friday morning in the business center of an Alaskan hotel, revealed previously undisclosed and potentially sensitive details the Aug. 15 meetings between President Donald... Source

Score
74
Read more
4

Google Awards $250,000 Bounty for Chrome RCE Vulnerability Discovery

Cybersecurity News 9 hours ago

Google has awarded a record-breaking $250,000 bounty to security researcher “Micky” for discovering a critical remote code execution vulnerability in Chrome’s browser architecture.  The vulnerability allowed malicious websites to escape Chrome’s sandbox protection and execute arbitrary code on victim systems.  Key Takeaways1.Google paid researcher "Micky" a record amount for finding a critical Chrome vulnerability.2.The bug […]

Score
73
Read more
5

PoC Released for Fortinet FortiSIEM Command Injection Flaw

GB Hackers 9 hours ago

PoC Released for Fortinet FortiSIEM Command Injection Flaw Security researchers have uncovered a severe pre-authentication command injection vulnerability in Fortinet’s FortiSIEM platform that allows attackers to completely compromise enterprise security monitoring systems without any credentials. The vulnerability, designatedCVE-2025-25256, has already been exploited by attackers in real-world scenarios, raising urgent concerns the security of critical infrastructure monitoring tools. Enterpris

Score
72
Read more