Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms
China-linked UNC3886 targeted all four major telecom providers, but did not disrupt services or access customer information. The post Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms appeared first on SecurityWeek.
All four major telecommunications providers in Singapore were targeted last year by a Chinese APT, according to Singapore’s cybersecurity agency CSA and its development agency IMDA.
The attack, initially disclosed in July, was attributed to UNC3886, a cyberespionage group active since at least 2021, which is known for targeting vulnerabilities in Ivanti, Juniper, and VMware products.
“UNC3886 launched a deliberate, targeted, and well-planned campaign against Singapore’s telecommunications sector. All four of Singapore’s major telecommunications operators – M1, SIMBA Telecom, Singtel and StarHub – have been the target of attacks,” CSA says.
Related breach coverage
- China-linked APT UNC3886 targets Singapore telcos2026-02-10
China-linked group UNC3886 targeted Singapore ’s telecom sector in a cyber espionage campaign, Singapore’s Cyber Security Agency revealed. Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA) ran Operation CYBER GUARDIAN to protect the telecom sector. Since July 2025, investigations showed China-linked UNC3886 launched a targeted campaign against all four major […]
- Dozens of Major Data Breaches Linked to Single Threat Actor2026-01-06
The initial access broker (IAB) relies on credentials exfiltrated using information stealers to hack organizations. The post Dozens of Major Data Breaches Linked to Single Threat Actor appeared first on SecurityWeek.
- China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks2026-04-25
Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors. The post China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks appeared first on SecurityWeek.
- QNAP Patches Four Vulnerabilities Exploited at Pwn2Own 2026-03-23
The flaws could allow attackers to access sensitive information, execute code, or cause unexpected behavior. The post QNAP Patches Four Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek.