Taiwan
-
UAT-10362 targets Taiwanese NGOs with Lua malware in spear-phishing campaign
A previously undocumented threat cluster called UAT-10362 has targeted Taiwanese NGOs and suspected universities with spear-phishing emails carrying Lua-based malware, according to Cisco Talos. The campaign uses DLL side-loading, geofencing and layered dropper tools.
-
Google: APT24 Used New ‘BADAUDIO’ Malware in Years-Long Espionage Campaign
Google Threat Intelligence Group says a China-nexus actor tracked as APT24 used a previously undocumented downloader called BADAUDIO in a campaign from November 2022 into 2025, employing watering holes, supply-chain compromises and spear-phishing to deliver backdoors and second-stage payloads.
-
Taiwan Web Infrastructure Targeted by UAT-7237, Cisco Talos Says
Cisco Talos links a China-aligned APT cluster, UAT-7237, to attacks on Taiwan’s web infrastructure, using customized open-source tooling and a SoundBill shellcode loader to deploy backdoors and credentials-stealing utilities. The operation, active since 2022 and considered a sub-group of UAT-5918, also employs VPN persistence and RDP access, with updates to embed Mimikatz and broader lateral…
-
Chinese Cyber Espionage Campaign Targets Taiwanese Semiconductor Industry
Recent spear-phishing campaigns linked to Chinese state-sponsored groups are targeting Taiwan’s semiconductor industry, emphasizing the vital role of cybersecurity in this critical sector amidst escalating geopolitical tensions.
-
China Acknowledges Cyberattacks on U.S. Infrastructure Amid Growing Tensions
A recent report reveals that Chinese officials acknowledged their country’s involvement in cyberattacks on U.S. infrastructure during a meeting with U.S. officials. The admission comes amid rising tensions over Taiwan and highlights China’s cyber operations strategy. In related news, Alibaba Cloud expands overseas while India implements a significant subsidy scheme for electronics manufacturing.
