Sogou Pinyin is a organization tracked across 3 threat clusters and 2 intelligence report mentions on ThreatCluster. First observed November 19, 2025; most recent activity May 14, 2026.
Sogou Pinyin is a major Chinese technology company known for its Sogou Pinyin input method and related software. In cybersecurity, its widely deployed software ecosystem can become a surface for threat actors if distribution channels or endpoints are compromised, making the company significant due to its large user base in Chinese markets.
A months-long espionage campaign linked to the Chinese group Mustang Panda has been identified, utilizing an updated variant of the FDMTP backdoor. This campaign, tracked by Darktrace, began in late September 2025 and…
The Chinese hacking group PlushDaemon has been observed using a tool named EdgeStepper to hijack legitimate software updates, redirecting traffic to malicious servers. Active since at least 2018, PlushDaemon targets…
The China-linked threat actor PlushDaemon has been exploiting a new implant named EdgeStepper to hijack software update traffic. This cyberespionage operation has targeted various organizations across the United States,…