China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware

Related breach coverage

• China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
  2026-03-27

  China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked threat group known as Red Menshen has been running a long-term espionage campaign by infiltrating telecom networks, mainly in the Middle East and Asia. Active since at least 2021, the group uses highly […]

• CL-STA-1087 targets military capabilities since 2020
  2026-03-17

  China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries since 2020 using AppleChris and MemFun. A suspected China-linked espionage campaign, tracked as CL-STA-1087, has targeted Southeast Asian military organizations since at least 2020, using AppleChris and MemFun malware. “The activity demonstrated strategic operational patience and a focus on highly targeted intelligence collection, rather than bulk […]

• New China-linked hackers breach telcos using edge device exploits
  2026-01-08

  A sophisticated threat actor that uses Linux-based malware to target telecommunications providers has recently broadened its operations to include organizations in Southeastern Europe. [...]

• From phishing to Google Drive C2: Silver Dragon expands APT41 playbook
  2026-03-04

  APT group Silver Dragon, linked to APT41, targets governments via server exploits and phishing, using Cobalt Strike and Google Drive for C2. Check Point researchers have identified Silver Dragon, an APT group tied to the China-linked group APT41, targeting government entities in Europe and Southeast Asia since mid-2024. The group gains initial access by exploiting […]