APT groups from Russia and China are targeting CVE-2023-38831 in WinRAR in multiple campaigns, deploying custom and commodity malware.
A group known as Volt Typhoon, that is affiliated with the Chinese government, has been attacking critical infrastructure in Guam and elsewhere in the United States.
A Chinese state-affiliated attack group known as Camaro Dragon is targeting some TP-Link routers to install malicious firmware images.
A Chinese APT team has targeted telecom providers in the Middle East with a campaign that may be lined to the Operation Soft Cell actors.
Google has disrupted more than 50,000 accounts linked to the Dragonbridge pro-China information operation in the last year.