4420 matches found
DCBI-Netlog-LAB v1.0 - Command Injection
An issue in the component /networkconfig/nsgmasq.cgi of DCN Digital China Networks DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request. id: CVE-2023-26802 info: name: DCBI-Netlog-LAB v1.0 - Command Injection author: pussycat0x...
Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains. The activity dates back to at least August 2022, according to...
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign. The activity involves the exploitation of now-patched, critical security flaws in...
Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT
A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign, codenamed Operation DragonReturn by...
CNVD-2021-45363
creationtimestamp| type| source ---|---|--- 2026-06-30 10:00:54+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9e90fb3e-1886-4390-a6eb-b6c717104791...
CNVD-2021-14544
creationtimestamp| type| source ---|---|--- 2026-06-30 10:00:28+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/6b22d18a-6361-42df-91ca-23ce420fecab...
CNVD-2021-49104
creationtimestamp| type| source ---|---|--- 2026-06-30 09:58:56+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/17db6283-3d3b-45a1-9195-e9d4d23af400...
MINI-429Q-CMCC-H4Q8
Bulletin has no description...
Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk
Since late 2025, malware has been spreading rapidly through the Steam Workshop, the gaming platform's built-in service for players to create and share custom content. The attackers are primarily targeting gamers in China and Russia, aiming to hijack their accounts. To pull this off, they are...
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was a backdoor on their REDCap research servers that stole login credentials. The exfiltration was the...
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant , says it backdoored the PAM and OpenSSH components that decide who is allowed to sign i...
CVE-2026-7516
A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents...
China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
Cybersecurity researchers have warned of a "resurgence and expansion" of JDY , a covert network associated with China-nexus state-sponsored threat actors. "The JDY botnet comprises over 1,500 SOHO small office and home office and IoT devices and operates as a centrally controlled, high-performanc...
CVE-2026-7516
A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents...
EUVD-2026-36046
A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents...
CVE-2026-7516
The CVE-2026-7516 entry concerns the Lenovo Android Application distributed on Chinese-market tablets. The vulnerability allows a website viewed in the app’s built-in browser to overwrite the device clipboard contents. The issue is tied to the built-in browser component and clipboard handling, wi...
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 where "OP" stands for "opponent" that has been observed targeting Microsoft Internet Information Services IIS servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to hi...
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been complemented by a "rapid operational tempo" and a continually evolving malware arsenal comprising known...
China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware
Proofpoint says TA4922, a suspected China aligned cybercrime group, is targeting UK and European organisations with tax, payroll and benefits themed malware campaigns...
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least mid-2022. "Showboat is a modular post-exploitation framework designed for Linux systems, capable...