China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation
The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months. The post China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation appeared first on SecurityWeek.
Southeast Asian military organizations have been targeted in a China-linked cyberespionage campaign running for years, Palo Alto Networks reports.
Likely ongoing since at least 2020 and attributed to a state-sponsored threat actor tracked as CL-STA-1087, the activity shows a high degree of patience, as the attackers stayed dormant in the compromised environments for months.
“The attackers behind this cluster actively searched for and collected highly specific files concerning military capabilities, organizational structures, and collaborative efforts with Western armed forces,” Palo Alto Networks notes.
Related breach coverage
- Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure2026-03-26
The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage. The post Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure appeared first on SecurityWeek.
- Notepad++ Supply Chain Hack Conducted by China via Hosting Provider2026-02-02
The likely state-sponsored threat actor had access to the hosting provider for months and targeted only certain Notepad++ customers. The post Notepad++ Supply Chain Hack Conducted by China via Hosting Provider appeared first on SecurityWeek.
- China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks2026-04-25
Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors. The post China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks appeared first on SecurityWeek.
- Apple Rolls Out DarkSword Exploit Protection to More Devices2026-04-02
The DarkSword exploit kit has been used by both state-sponsored hackers and commercial spyware vendors. The post Apple Rolls Out DarkSword Exploit Protection to More Devices appeared first on SecurityWeek.