Vulnerability Exploits
3 articles in this category
China-Linked Hackers Exploit Legacy Vulnerabilities for Global Espionage Campaigns
A China-linked threat actor exploited multiple CVEs in April 2025 to target a U.S. non-profit organization, establishing long-term persistence. Other Chinese hacking groups have also launched campaigns across global sectors using advanced techniques like AitM attacks and IIS server compromises.
Samsung Zero-Day Flaw Exploited to Deploy LANDFALL Android Spyware in Middle East
A critical Samsung Galaxy vulnerability (CVE-2025-21042) was exploited as a zero-day to deploy the LANDFALL spyware via WhatsApp images, targeting users in the Middle East before a patch in April 2025.
China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems
A China-linked cyber espionage group, Tick, is exploiting a critical zero-day vulnerability (CVE-2025-61932) in Motex Lanscope Endpoint Manager to hijack corporate systems, deploy backdoors, and exfiltrate data, as revealed by cybersecurity firm Sophos.