Lucene search
K

9 matches found

The Hacker News
The Hacker News
added 2026/06/12 6:17 p.m.36 views

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant , says it backdoored the PAM and OpenSSH components that decide who is allowed to sign i...

6.7CVSS5.8AI score0.04271EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2025/01/16 9:49 a.m.10 views

PlugX malware deleted from thousands of systems by FBI

The FBI says it has removed PlugX malware from thousands of infected computers worldwide. The move came after suspicion that cybercriminals groups under control of the People’s Republic of China PRC used a version of PlugX malware to control, and steal information from victims' computers. PlugX h...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/26 2:33 p.m.26 views

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access

SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 CVSS score: 9.3, has been described as an improper access contr...

7.2AI score0.15593EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/22 4:13 p.m.38 views

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliances and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the...

6.7CVSS8.2AI score0.04271EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/07/02 4:48 a.m.80 views

Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware

A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware. The vulnerability, tracked as CVE-2024-20399 CVSS score: 6.0, concerns a case of command injection that allows an authenticated, local...

9.8CVSS6.7AI score0.82714EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2024/07/01 12:0 a.m.3 views

PT-2024-4435

Name of the Vulnerable Software and Affected Versions Cisco NX-OS Software versions prior to the fixed version Description A vulnerability in the Command Line Interface CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary...

6.7CVSS7.2AI score0.04271EPSS
Exploits1References98
hivepro
hivepro
added 2024/06/21 12:45 a.m.9 views

F5 BIG-IP Exploited in Three-Year Espionage Campaign by Velvet Ant

...

7.3AI score
Exploits0
HackRead
HackRead
added 2024/06/19 9:30 a.m.23 views

Chinese Velvet Ant Hackers Target F5 Devices in Years-Long Espionage

Discover how China-linked Velvet Ant APT exploited F5 BIG-IP devices for years undetected. Sygnia's detailed analysis exposes tactics used to maintain persistence and evade detection, offering crucial insights for organizations to bolster their cybersecurity defenses against similar threats...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/17 11:59 a.m.53 views

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal...

7.9AI score
Exploits0
Rows per page
Query Builder