Unc6201 — Threat Actor Profile, Campaigns & Targets

Threat entity extracted from intelligence sources

Frequency
11
occurrences
First Seen
February 18, 2026
Last Seen
March 23, 2026

Unc6201 is a apt_group tracked across 2 threat clusters and 11 intelligence report mentions on ThreatCluster. First observed February 18, 2026; most recent activity March 23, 2026.

Related Threat Clusters

  • Chinese Hackers Exploit Dell Zero-Day Flaw CVE-2026-22769 Since Mid-2024

    A Chinese state-backed hacking group, UNC6201, has been exploiting a critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines since at least mid-2024. The flaw, tracked as CVE-2026-22769, features a…

    40 articles · Updated February 17, 2026
  • Rise of AI-Driven Scams Targeting UK SMEs

    UK small and medium-sized enterprises (SMEs) are increasingly vulnerable to sophisticated AI-driven scams, as highlighted by recent reports. The emergence of 'AI scams 2.0' combines traditional social engineering…

    704 articles · Updated March 12, 2026

Recent Intelligence Reports

  • Voice phishing skyrockets as smooth crims talk their way in — Theregister · March 23, 2026
  • Smooth criminals talking their way into cloud environments, Google says — Theregister · March 23, 2026
  • China-linked UNC6201 exploits 10.0 bug in Dell RecoverPoint for VMs since mid — Scworld · February 18, 2026
  • The Hacker - China-linked UNC6201 exploited a CVSS 10.0 (CVE-2026-22769) Dell ... — Facebook · February 18, 2026
  • Chinese APT Group Exploits Dell Zero — Infosecurity-Magazine · February 18, 2026
  • Dell RecoverPoint Zero — Feeds.Feedburner · February 18, 2026
  • Zero — Thecyberexpress · February 18, 2026
  • Dell 0-Day Vulnerability Exploited by Chinese Hackers since mid — Cybersecuritynews · February 18, 2026

CVSS v3.1 Breakdown