China-linked Cyber Group Expands Targeting to Southeastern Europe

China-linked Cyber Group Expands Targeting to Southeastern Europe

First seen 9 Jan 2026, 01:51 UTC Bleepingcomputer 52% similarity 95.9

Article Content

Browse articles
ThreatCluster

A sophisticated threat actor known as UAT-7290, tracked by Cisco Talos, has expanded its operations to target telecommunications providers in Southeastern Europe. This group, which has been active since at least 2022, primarily focuses on cyber-espionage against telcos in South Asia and utilizes Linux-based malware along with an Operational Relay Box (ORB) infrastructure for initial access.

ThreatCluster AI

Community

Browse all →