China
-
FBI warns Americans about data risks from Chinese mobile apps
The FBI warned Americans about privacy and data security risks from foreign-developed mobile apps, especially those made by Chinese developers, saying some can collect extensive data and store it on servers in China.
-
China-linked APT31 used local cloud services and public tools to target Russian IT sector, Positive Technologies reports
Researchers at Positive Technologies say China-linked APT31 targeted Russian IT firms between 2024 and 2025, using Yandex Cloud and a mix of public and custom tools to maintain long-term access and exfiltrate data.
-
MI5 warns Chinese agents using social media and fake recruiters to target UK parliament and officials
MI5 has issued an espionage alert warning that Chinese intelligence officers are using social media and fake recruiters to cultivate people with access to sensitive UK information, Security Minister Dan Jarvis told parliament, and the government has removed Chinese-made surveillance equipment from sensitive sites.
-
China’s MSS says NSA carried out ‘premeditated’ cyber operation against national time service
China’s Ministry of State Security said in a WeChat post it uncovered ‘irrefutable evidence’ that the U.S. NSA carried out a multi-year cyber operation against the National Time Service Center, alleging credential theft, deployment of a platform with 42 tools, and attempts to disrupt timing systems; the MSS said Chinese agencies neutralized the activity.
-
Chinese state-sponsored group RedNovember exploited enterprise network gear in global campaign, researchers say
Recorded Future says a Chinese state-sponsored group called RedNovember ran a global espionage campaign from June 2024 to July 2025, exploiting vulnerabilities in enterprise network appliances to breach defense contractors, government agencies and other organizations and using publicly available tools to maintain persistent access.
-
Microsoft restricts Chinese firms’ access to vulnerability warnings amid SharePoint attacks
Microsoft has restricted certain Chinese firms from its vulnerability early warning program after concerns that data could be linked to a wave of SharePoint server attacks, sparking debate over governance and the global sharing of threat intelligence.
-
State-sponsored XenoRAT campaign targets South Korean embassies, researchers say
A Trellix-led analysis describes a multi-phase, state-sponsored XenoRAT espionage campaign targeting South Korean embassies, with links to North Korea’s Kimsuky and indications of possible China-based sponsorship. The operation has conducted at least 19 spearphishing attacks since March, delivering XenoRAT via password-protected ZIP archives and complex, multilingual lures.
-
China Accuses US of Cyberattacks Using Microsoft Zero-Day Vulnerability
China has alleged that U.S. intelligence agencies conducted cyberattacks on Chinese military enterprises, exploiting a Microsoft zero-day vulnerability. The accusations come amid heightened tensions and increasing allegations of cyber warfare between the two nations.
-
China-Linked APT41 Targets African IT Infrastructure in New Cyber Espionage Campaign
APT41, a Chinese-linked cyber espionage group, has launched a targeted campaign against government IT services in Africa, utilizing advanced malware techniques that involve a compromised SharePoint server for communication.
-
Chinese Cyber Syndicates Laundering Millions through India’s Financial System
A new report reveals that Chinese cyber syndicates are laundering over $580 million annually in India through illegal payment gateways and fake apps, posing a significant risk to the country’s financial security and economic trust.
