Chinese Apt – TheCyberThrone

Velvet Ant APT exploits Cisco bug CVE-2024-20399

Security researchers discovered that the China-linked APT group Velvet Ant has exploited the recently disclosed zero-day CVE-2024-20399 in Cisco switches to take over the network devices. Last month, Cisco addressed the NX-OS zero-day…

PravinKarthik August 24, 2024

ToddyCat – Chinese APT in Action with Stayin Alive Campaign

Researchers have discovered a new malicious espionage campaign “Stayin’ Alive’” is targeting telecommunications organizations and governments across Central and Southeast Asia tagged to the group ToddyCat. ToddyCat is a Chinese-affiliated…

PravinKarthik October 12, 2023

Flax Typhoon APT Group into Limelight

Security researchers from Microsoft discovered a China-based APT group focused on espionage has targeted organizations in Taiwan. The group goes by the name Flax Typhoon, active since mid-2021 and is…

PravinKarthik August 28, 2023

Volt Typhoon rooted deep in to US Infrastructure

Two major cyber headaches rocking US authorities over the weekend are the widespread and still unresolved Chinese campaign known as Volt Typhoon targeting military bases, and the other an insider…

PravinKarthik August 1, 2023

Chinese APT Masterminding SmugX Campaign

Researchers have spotted a Chinese APT campaign targeting European government entities focused on foreign and domestic policies that uses HTML smuggling, a technique in which attackers hide malicious payloads inside…

PravinKarthik July 5, 2023

Volt Typhoon ⚡️ APT Exploits Zoho Vulnerability

Researchers discovered Chinese state-backed APT Volt Typhoon has been spotted using a critical vulnerability in Zoho's ManageEngine ADSelfService Plus, a single sign-on and password management solution. Volt Typhoon came in…

PravinKarthik June 27, 2023

Chinese Alloy Taurus Uses New Variant of PingPull Malware

Researchers discovered a new Linux variant of the PingPull malware used by Chinese APT group Alloy Taurus (Gallium) has been reported as an active threat to telecommunications, finance, and government…

PravinKarthik April 28, 2023

Mustang Panda Uses MQsTTang Backdoor

The Chinese cyberespionage group Mustang Panda, aka TA416, has seen deploying a new custom backdoor named ‘MQsTTang’ in its attacks. Researchers discovered MQsTTang backdoor as part of a campaign targeting…

PravinKarthik March 3, 2023