Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
43 articles

#China

All CosmicBytez Labs articles tagged #China, across news, security advisories, how-to guides, and projects.

  • NewsJul 17, 2026

    GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft

    Cybersecurity researchers at Expel have attributed the April 2026 DigiCert security incident to CylindricalCanine, a sub-group of the Chinese APT known as GoldenEyeDog (APT-Q-27, Dragon Breath). The threat actors stole code-signing certificates to legitimize malicious software.

  • NewsJul 11, 2026

    China and India-Linked Hackers Both Targeted the Same Pakistani Police Force

    SentinelOne researchers discovered that threat actors linked to both China and India independently targeted the Balochistan Police force in Pakistan for...

  • NewsJul 11, 2026

    Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns

    SentinelOne researchers have uncovered two years of sustained cyberespionage against Pakistani law enforcement — with China-nexus and India-nexus threat...

  • NewsJul 10, 2026

    China and India Ran Separate Spying Campaigns Against the Same Pakistani Police Force

    SentinelOne Labs uncovered parallel nation-state espionage operations by China-linked and India-linked threat actors targeting Pakistani law enforcement,...

  • NewsJul 8, 2026

    China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

    Cisco Talos researchers have identified new LONGLEASH malware deployed by Chinese APT group UAT-7810 to expand its Operational Relay Box network,...

  • NewsJul 5, 2026

    Chinese LLMs Broaden the Gap Between Attackers & Defenders

    China's GLM 5.2 finds vulnerabilities at $0.17 each and outperforms frontier Western models on security benchmarks — while AI-enabled adversary activity...

  • NewsJun 29, 2026

    Iran, Russia, and China Target Water Systems for Sabotage

    Nation-state attackers from Iran, Russia, and China are breaching water utility systems through weak passwords, exposed PLCs, and poor network...

  • NewsJun 28, 2026

    In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs

    Qihoo 360 unveils Tulongfeng — a Chinese rival to Anthropic's Mythos AI vulnerability finder; the World Leaks ransomware group dumps 630 GB from Tata...

  • NewsJun 27, 2026

    Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign

    A Chinese-speaking advanced persistent threat actor has launched targeted attacks against government entities and critical infrastructure in Southeast...

  • NewsJun 21, 2026

    China-Nexus Actor Spies on US Researchers Undetected for a Year

    Google's Threat Intelligence Group discovered and disrupted a sprawling China-nexus espionage campaign that stole RedCAP credentials to silently breach...

  • NewsJun 21, 2026

    Google Exposes China Espionage Group UNC6508 Lurking in Networks Since 2023

    Google's Threat Intelligence Group has unmasked UNC6508, a China-linked espionage actor that silently maintained access to critical infrastructure and...

  • NewsJun 15, 2026

    Chinese Hackers Breach REDCap Servers, Steal Medical Research Data

    A China-linked espionage campaign targeted exposed REDCap servers, deploying the InfiniteRed malware to steal sensitive medical research data from a North...

  • NewsJun 14, 2026

    FBI Dismantles Massive AI-Powered Chinese Phishing-as-a-Service Operation

    The FBI, Google, and Black Lotus Labs jointly dismantled Outsider Enterprise, a massive Chinese phishing-as-a-service platform that operated over one...

  • NewsJun 13, 2026

    China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

    Sygnia researchers uncovered Velvet Ant, a China-nexus APT that spent close to a decade hidden inside Linux authentication infrastructure by backdooring...

  • NewsJun 13, 2026

    Chinese Hackers Hijack Auth Flow, Spy on Isolated Network for a Decade

    Chinese state-sponsored hackers seized complete control of a target organization's authentication infrastructure and maintained undetected access for ten...

  • NewsJun 5, 2026

    Chinese APT UNC5221 Deploys Three New Malware Families to Maintain M365 Access

    Chinese espionage group UNC5221 is actively using the Brickstorm backdoor alongside two newly discovered malware families — Plenet and AgentPSD — to maintain…

  • NewsJun 1, 2026

    China-Aligned Groups Ramp Up Attacks: Operation Dragon Weave Hits Czech Republic and Taiwan

    Security researchers at Seqrite Labs have uncovered Operation Dragon Weave, a new China-aligned cyber espionage campaign targeting government, research…

  • NewsMay 28, 2026

    Chinese-Speaking Fraud Gang Targets 2026 World Cup Fans with 4,300 Fake FIFA Domains

    A Chinese-speaking cybercriminal group has registered over 4,300 fraudulent domains impersonating FIFA's official web presence since August 2025,...

  • NewsMay 13, 2026

    China's 'FamousSparrow' APT Nests in South Caucasus Energy

    The China-linked threat group FamousSparrow has expanded its targeting to an Azerbaijani oil and gas company, marking a shift beyond its traditional...

  • NewsApr 29, 2026

    US & China Partner on Scam Center Takedown in Dubai

    In a rare show of bilateral cooperation, the US Justice Department and Chinese authorities jointly dismantled a major cryptocurrency investment fraud scam...

  • NewsApr 26, 2026

    China-Linked GopherWhisper Infects 12 Mongolian Government

    A previously undocumented China-aligned APT group tracked as GopherWhisper has targeted Mongolian governmental institutions, deploying a wide array of...

  • NewsApr 25, 2026

    China-Linked APT GopherWhisper Abuses Legitimate Services

    A newly identified Chinese advanced persistent threat group dubbed GopherWhisper has been deploying multiple Go-based backdoors alongside custom loaders...

  • NewsApr 25, 2026

    Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

    Zscaler ThreatLabz has uncovered a Tropic Trooper (APT23) campaign that delivers the AdaptixC2 post-exploitation beacon via trojanized SumatraPDF...

  • NewsApr 11, 2026

    In Other News: Cyberattack Stings Stryker, Windows

    A weekly roundup of notable cybersecurity stories: Iran-linked hackers wipe 200,000 Stryker devices, the BlueHammer Windows zero-day PoC goes public,...

  • NewsApr 7, 2026

    China-Linked Storm-1175 Chains Zero-Days for High-Velocity

    A China-based threat cluster designated Storm-1175 has been linked to high-velocity ransomware attacks deploying Medusa payloads using chained zero-day...

  • NewsApr 7, 2026

    Storm-1175 Deploys Medusa Ransomware at 'High Velocity'

    Microsoft says the financially motivated cybercrime group Storm-1175, linked to China, has exploited N-day and zero-day vulnerabilities in high-velocity...

  • NewsApr 6, 2026

    Microsoft Links Storm-1175 to Medusa Ransomware Zero-Day

    Microsoft has formally attributed Medusa ransomware zero-day attacks to Storm-1175, a China-based financially motivated cybercriminal group that has...

  • NewsMar 30, 2026

    Three China-Linked Clusters Target Southeast Asian

    Three threat activity clusters aligned with China jointly targeted a Southeast Asian government organization in a complex, well-resourced espionage...

  • NewsMar 14, 2026

    OpenClaw AI Agent Flaws Enable Prompt Injection, 1-Click

    China's CNCERT has warned that OpenClaw (formerly Clawdbot/Moltbot), the viral self-hosted AI agent, carries over 250 disclosed vulnerabilities including...

  • NewsMar 6, 2026

    Google: 90 Zero-Days Exploited in 2025 — Enterprise Tech

    Google's Threat Intelligence Group tracked 90 zero-day vulnerabilities actively exploited in 2025, with enterprise software and appliances accounting for...

  • NewsFeb 28, 2026

    Google Disrupts Massive Chinese Espionage Campaign

    Google's Threat Intelligence Group dismantles UNC2814, a China-linked operation that deployed a novel backdoor called GRIDTIDE abusing Google Sheets API...

  • NewsFeb 27, 2026

    Leaked Documents Reveal China's 'Expedition Cloud' Cyber

    Technical documents leaked from a malware-infected developer device expose a Chinese military-linked training platform that replicates the critical...

  • NewsFeb 24, 2026

    Anthropic Exposes Industrial-Scale AI Distillation Attacks

    Anthropic revealed that three Chinese AI companies — DeepSeek, Moonshot AI, and MiniMax — orchestrated industrial-scale distillation campaigns using...

  • NewsFeb 18, 2026

    Notepad++ Supply Chain Attack Attributed to China-Linked

    Notepad++ releases emergency v8.9.2 patch after a China-linked APT group hijacked the update mechanism for six months, deploying the Chrysalis backdoor to...

  • SecurityFeb 18, 2026

    Dell RecoverPoint Zero-Day Exploited by Chinese APT Since

    A maximum-severity CVSS 10.0 hardcoded credentials vulnerability in Dell RecoverPoint for VMs has been under active exploitation by China-nexus threat...

  • NewsFeb 17, 2026

    Alibaba Launches Qwen 3.5 — Claims to Outperform GPT-5.2

    Alibaba Cloud unveils Qwen 3.5, a 397-billion-parameter Mixture-of-Experts AI model with native multimodal capabilities, claiming 60% lower costs and...

  • NewsFeb 13, 2026

    All Four Major Nation-State Adversaries Now Weaponizing

    Google reports that APT groups from China, Russia, Iran, and North Korea are all actively using Gemini AI for cyber operations including target...

  • NewsFeb 10, 2026

    China-Linked UNC3886 Breaches All Four Singapore Telecom

    Singapore discloses that APT group UNC3886 compromised all four major telecom providers using zero-day exploits and rootkits, triggering the nation's...

  • SecurityFeb 10, 2026

    Lotus Blossom APT Compromises Notepad++ Updates to Deploy

    China-linked Lotus Blossom hijacked Notepad++ software updates for six months, selectively delivering the Chrysalis backdoor to government and IT targets...

  • SecurityFeb 10, 2026

    UNC3886 Zero-Day Campaign: Singapore Telecom Operators

    Singapore discloses that APT group UNC3886 conducted a targeted espionage campaign against M1, SIMBA, Singtel, and StarHub using a previously unknown...

  • SecurityFeb 10, 2026

    WinRAR Path Traversal Flaw CVE-2025-8088 Actively Exploited

    Critical path traversal vulnerability in WinRAR enables ransomware and credential theft as Russian and Chinese threat actors weaponize phishing campaigns...

  • NewsFeb 3, 2026

    Senator Demands AT&T, Verizon CEOs Testify Over Salt

    Senate Commerce Committee Chair Maria Cantwell accuses AT&T and Verizon of blocking Mandiant security reports related to the Salt Typhoon campaign,...

  • SecurityJan 22, 2026

    China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape VMs

    Sophisticated attack chain leverages compromised SonicWall VPN and VMware ESXi vulnerabilities to break out of virtual machine isolation and compromise...