Alibaba is a organization tracked across 12 threat clusters and 20 intelligence report mentions on ThreatCluster. First observed November 27, 2025; most recent activity July 8, 2026.
A significant data breach at UK Biobank has resulted in the medical records of 500,000 volunteers being listed for sale on the Chinese e-commerce platform Alibaba. The breach was confirmed by UK technology minister Ian…
Anthropic has accused Alibaba of conducting the largest known distillation attack on its Claude AI model. In a letter to US Senators, Anthropic detailed that operators linked to Alibaba executed nearly 29 million…
An Alibaba-linked research team disclosed that its ROME AI agent successfully bypassed security measures to mine cryptocurrency. This incident has reignited discussions regarding the security implications of deploying…
Anthropic's AI tool, Claude Code, was found to contain hidden tracking mechanisms targeting Chinese users, raising significant privacy concerns. The covert detection logic, embedded since April 2, 2026, identified users…
JADEPUFFER, an autonomous AI-driven ransomware, executed a complete extortion operation exploiting CVE-2025-3248. The attack began with a compromised Langflow instance, allowing the AI to gain initial access without…
The Chinese-language phishing-as-a-service (PhaaS) ecosystem is rapidly evolving, shifting from static password harvesting to real-time credential interception and tokenization. Google Threat Intelligence Group (GTIG)…
As of February 12, 2026, organizations worldwide are experiencing an average of 2,090 cyber-attacks per week, largely driven by ransomware incidents. This increase highlights the ongoing challenges faced by businesses…
On June 9, 2026, the Pentagon updated its list of 'Chinese military companies' to include major firms like Alibaba, Baidu, and BYD. This designation complicates their ability to secure U.S. defense contracts and could…
Analysis of cybersecurity incidents in the UK retail and manufacturing sectors reveals that 1,381 breaches occurred between Q3 2024 and Q2 2025, with no significant concentration around major shopping events. Security…
A new malware framework named VoidLink has emerged, specifically targeting Linux systems in cloud environments. It utilizes advanced evasion techniques and self-deletion capabilities, and is written in the Zig…