Chinese hackers install backdoors via Cisco email zero-day

Two groups linked to China are exploiting a newly discovered vulnerability in Cisco's email security products. The campaign involves zero-day attacks, highlighting ongoing cybersecurity risks. The issue was reported on December 19, 2025.

January 08, 2026 Iniulat ng AI

Cisco Talos has reported a China-linked threat actor known as UAT-7290 that has been spying on telecommunications companies since 2022. The group uses Linux malware, exploits on edge devices, and ORB infrastructure to maintain access to targeted networks.

Ongoing exploitation of the React2Shell vulnerability (CVE-2025-55182)—previously detailed in coverage of China-nexus and cybercriminal campaigns—now includes widespread Linux backdoor installations, arbitrary command execution, and large-scale theft of cloud credentials.

November 05, 2025 Iniulat ng AI

Pro-Russian hackers known as Curly COMrades are exploiting Microsoft's Hyper-V technology to embed lightweight Alpine Linux virtual machines within compromised Windows systems. This tactic allows them to run custom malware like CurlyShell and CurlCat undetected by traditional endpoint detection tools. The campaign, uncovered by Bitdefender in collaboration with the Georgian CERT, targets organizations in Europe and beyond.

Security researchers, first reporting via TechRadar in December 2025, warn WhatsApp's 3 billion users of GhostPairing—a technique tricking victims into linking attackers' browsers to their accounts, enabling full access without breaching passwords or end-to-end encryption.

December 11, 2025 Iniulat ng AI

Sa 2025, hindi nagbago ang mga anyo ng cyber threats sa Pilipinas; nanatiling tradisyunal na paraan tulad ng phishing at ransomware. Gayunpaman, ang artificial intelligence ay nagpataas ng dami at laki ng mga atake na ito, na humahantong sa 'industrialization of cybercrime'. Mga ulat mula sa iba't ibang firm ay nagpapakita ng pagtaas sa bilis, sukat, at dami ng mga insidente.