Aggregator
CVE-2025-49039 | Link View Plugin up to 0.8.0 on WordPress cross site scripting
Four charges in one molecule and brightness like the Sun's. Scientists move closer to creating artificial photosynthesis
Qilin
CISA and Partners Release Joint Advisory on Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage Systems
CISA, along with the National Security Agency, Federal Bureau of Investigation, and international partners, released a joint Cybersecurity Advisory on People’s Republic of China (PRC) state-sponsored Advanced Persistent Threat (APT) actors targeting critical infrastructure across sectors and continents to maintain persistent, long-term access to networks.
This advisory builds on previous reporting and is based on real-world investigations conducted across multiple countries through July 2025. While the activity observed overlaps with industry reporting on the group known as Salt Typhoon, OPERATOR PANDA, RedMike, UNC5807, and GhostEmperor, among others, the advisory refers to them generically as APT actors to focus on the behavior, not the alias.
These APT actors are exploiting vulnerabilities in the large backbone routers of telecommunications providers—specifically provider edge and customer edge routers that often lack visibility and are difficult to monitor—to gain and maintain persistent access, particularly in telecommunications, government, transportation, lodging, and defense networks. They often modify router firmware and configurations to evade detection and establish long-term footholds.
CISA and authoring partners strongly urge network defenders, particularly those in high-risk sectors, to hunt for malicious activity and implement the mitigations outlined in this advisory.
For more detailed information, review the full advisory and CISA’s People’s Republic of China Cyber Threat Overview and Advisories web page.
NIST Revises Security and Privacy Control Catalog to Improve Software Update and Patch Releases
CVE-2025-7441 | StoryChief Plugin up to 1.0.42 on WordPress API Endpoint webhook unrestricted upload (EUVD-2025-25062 / EDB-52422)
CVE-2025-26263 | Geovision ASManager Desktop Application 6.1.2.0 on Windows ASManagerService.exe memory corruption (EUVD-2025-5945 / EDB-52423)
CVE-2025-6082 | Birth Chart Compatibility Plugin up to 2.0 on WordPress index.php information disclosure (EUVD-2025-22302 / EDB-52419)
CVE-2025-4427 | Ivanti Endpoint Manager Mobile up to 12.5.0.0 API authentication bypass (EUVD-2025-14388 / EDB-52421)
Iranian hackers took down the "kosher internet" in Israel
New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly
Threat actors are leveraging the trusted brand of Indonesia’s state pension fund, PT Dana Tabungan dan Asuransi Pegawai Negeri (Persero), or TASPEN, to deploy a malicious Android application disguised as an official portal. This banking trojan and spyware targets pensioners and civil servants, exploiting legacy systems and digital transformation vulnerabilities to steal sensitive data including […]
The post New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Is your child talking to ChatGPT? Now every conversation could be the last
The 5 Golden Rules of Safe AI Adoption
300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158
Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix earlier this month, Censys has warned.
About CVE-2025-34158
Plex Media Server (PMS) is software that allows users to turn their Windows/Linux/macOS computer or their network-attached storage devices into a personal media server. It organizes their movies, music, photos, and other media and enables them to stream the content on nearly …
The post 300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 appeared first on Help Net Security.
State Council rolls out "AI Plus" initiative; 360's All In Agent strategy comes at just the right time
CHAOS
MSSP Growth Guide: Scaling Threat Detection for Expanding Client Base
An MSSP leader is no stranger to the relentless pressure of growth. With an expanding client base comes the daunting task of scaling threat detection capabilities without compromising quality, speed, or your bottom line. The challenge that rises above all is how to grow while maintaining the balance between human potential and organizational demands. Human […]
The post MSSP Growth Guide: Scaling Threat Detection for Expanding Client Base appeared first on ANY.RUN's Cybersecurity Blog.
Spotify Launches Direct Messaging Feature Amid Security Concerns
Spotify this week unveiled a new Direct Messaging feature, enabling users to share songs, podcasts and audiobooks within the app. While the move promises streamlined recommendations and deeper engagement among friends, it also raises fresh security and privacy considerations. Rolling out to Free and Premium users aged 16 and older in select markets on mobile devices, the […]
The post Spotify Launches Direct Messaging Feature Amid Security Concerns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.