
How China’s “Walled Garden” is Redefining the Cyber Threat Landscape


In our latest webinar, Flashpoint unpacks the architecture of the Chinese threat actor cyber ecosystem: a parallel offensive stack fueled by government mandates and a commercialized hacker-for-hire industry.

January 30, 2026

For years, the global cybersecurity community has operated under the assumption that technical information was a matter of public record. Security research has always been openly discussed and shared through a culture of global transparency. Today, that reality has fundamentally shifted. Flashpoint is witnessing a growing opacity—a “Walled Garden”—around Chinese data. As a result, the competence of Chinese threat actors and APTs has reached an industrialized scale.

In Flashpoint’s recent on-demand webinar, “Mapping the Adversary: Inside the Chinese Pentesting Ecosystem,” our analysts explain how China’s state policies surrounding zero-day vulnerability research have effectively shut out the cyber communities that once provided a window into Chinese tradecraft. However, those communities haven’t disappeared. Rather, they have been absorbed by the state to develop a mature, self-sustaining offensive stack capable of targeting global infrastructure.

Understanding the Walled Garden: The Shift from Disclosure to Nationalization

The “Walled Garden” is a direct result of a Chinese regulatory turning point in 2021: the Regulations on the Management of Security Vulnerabilities (RMSV). While the gradual walling off of China’s data is the cumulative result of years of implementing regulatory and policy strategies, the 2021 RMSV marks a critical turning point that effectively nationalized China’s vulnerability research capabilities. Under the RMSV, any individual or organization in China that discovers a new flaw must report it to the Ministry of Industry and Information Technology (MIIT) within 48 hours. Crucially, researchers are prohibited from sharing technical details with third parties—especially foreign entities—or selling them before a patch is issued.

It is important to note that this mandate is not limited to Chinese-based software or hardware; it applies to any vulnerability discovered, as long as the discoverer is a Chinese-based organization or national. This effectively treats software vulnerabilities as a national strategic resource for China. By centralizing this data, the Chinese government ensures it has an early window into zero-day exploits before the global defensive community. 

For defenders, this means that by the time a vulnerability is public, there is a high probability it has already been analyzed and potentially weaponized within China’s state-aligned apparatus.

The Indigenous Kill Chain: Reconnaissance Beyond Shodan

Flashpoint analysts have observed that within this Walled Garden, traditional Western reconnaissance tools are losing their effectiveness. Chinese threat actors are utilizing an indigenous suite of cyberspace search engines that create a dangerous information asymmetry, allowing them to peer at defender infrastructure while shielding their own domestic base from Western scrutiny.

While Shodan remains the go-to resource for security teams, Flashpoint has seen Chinese threat actors favor three IoT search engines that offer them a massive home-field advantage:

  • FOFA: Specializes in deep fingerprinting for middleware and Chinese-specific signatures, often indexing dorks for new vulnerabilities weeks before they appear in the West.
  • ZoomEye: Built for high-speed automation, offering APIs that integrate with AI systems to move from discovery to verified target in minutes.
  • 360 Quake: Provides granular, real-time mapping through a CLI with an AI engine for complex asset portraits.

In the full session, we demonstrate exactly how Chinese operators use these tools to fuse reconnaissance and exploitation into a single, automated step—a capability most Western EDRs aren’t yet tuned to detect.

Building a State-Aligned Offensive Stack

Leveraging their knowledge of vulnerabilities and zero-day exploits, the illicit Chinese ecosystem is building tools designed to dismantle the specific technologies that power global corporate data centers and business hubs.

In the webinar, our analysts describe purpose-built cyber weapons that hunt VMware vCenter servers and support one-click shell uploads via vulnerabilities like Log4Shell. Beyond the initial exploit, Flashpoint highlights the rising use of Behinder (Ice Scorpion), a sophisticated web shell management tool. Behinder has become a staple for Chinese operators because it encrypts command-and-control (C2) traffic, allowing attackers to evade conventional inspection and deep packet analytics.

Strengthen Your Defenses Against the Chinese Offensive Stack with Flashpoint

By understanding this “Walled Garden” architecture, defenders can move beyond generic signatures and begin to hunt for the specific TTPs—such as high-entropy C2 traffic and proprietary Chinese scanning patterns—that define the modern Chinese threat actor.

How can Flashpoint help? Flashpoint’s cyber threat intelligence platform cuts through the generic feed overload and delivers unrivaled primary-source data, AI-powered analysis, and expert human context.

Watch the on-demand webinar to learn more, or request a demo today.


The post How China’s “Walled Garden” is Redefining the Cyber Threat Landscape appeared first on Flashpoint.

Hackers Targeting Cisco Unified CM Zero-Day

22 January 2026 at 09:52

Cisco has released patches for CVE-2026-20045, a critical vulnerability that can be exploited for unauthenticated remote code execution.

The post Hackers Targeting Cisco Unified CM Zero-Day appeared first on SecurityWeek.

A renewed commitment to strengthening the United Nations for its next era

20 January 2026 at 14:00

Eighty years ago, the first United Nations General Assembly convened in London, marking the start of a new era of global cooperation. Today, the context in which the UN operates has changed significantly. The UN system is being asked to deliver results with greater speed and precision, often amid tightening resources and growing demands. In response, the UN is advancing reforms to become more agile, accountable, and efficient.

The UN80 initiative, launched by UN Secretary-General Antonio Guterres, is about making the UN system fit for the future, strengthening its resilience, responsiveness, and capacity for innovation across humanitarian response, development, and international security.

Leaning in at a pivotal time

We are at a unique moment in history, the AI era, where digital and AI technologies can fundamentally reshape how large, complex institutions deliver for people around the world. For the UN, this is an opportunity not only to strengthen core systems such as procurement, service delivery, and supply chain management, but to reimagine how it meets the needs of constituents with greater speed, scale, and impact. Microsoft can support this moment by helping build the digital and AI foundations needed to modernize operations and unlock new solutions to global challenges at a scale not previously possible.

Our commitment to UN80

In December, all 193 Member States reached agreement on a package of measures to ensure financial stability and enhance efficiency across the UN system. Following that, and in the spirit of the US Government’s recent $2 billion contribution to fund humanitarian aid, Microsoft is announcing a pledge designed to support the UN system holistically. We hope that our pledge will inspire further action and help catalyze broader private sector resources and expertise. Microsoft’s UN80 pledge is structured around four pillars.

  1. A UN80 innovation fund
  2. Affordable pricing tailored for the UN
  3. AI training and readiness for UN staff
  4. Mobilizing private sector partners

Together, these commitments are intended to support the organization’s efforts to become more agile, efficient, and transparent through concrete action and investment. We describe each pillar in more detail below.

1. A UN80 innovation fund

Microsoft is committing a multi-million-dollar investment to establish an innovation fund that will support priority UN80 initiatives, particularly where AI and digital technologies can accelerate outcomes. This fund is designed to be collective, open to other private sector partners’ contributions, and focused on practical projects that strengthen UN capabilities and delivery.

2. Affordable pricing tailored for the UN

Microsoft is making a pricing commitment designed to improve affordability for the UN system. As part of this commitment, Microsoft will provide a specialized UN80 offer through June 2027 to improve affordability and help address financial constraints. Access to secure, modern digital tools is foundational to the UN’s ability to operate effectively across geographies and mandates.

3. AI training and readiness for all UN staff

We will make available free digital and AI literacy training and credentials to all UN staff. This includes training on the capabilities needed to adopt and scale technology responsibly across UN agencies, missions, and offices.

4. Mobilizing private sector partners

Microsoft is committing to bring together partners to align resources, expertise, and innovation in support of UN80 priorities. EY is taking a leadership position in the industry as the first partner to join this coalition, making a similar pledge to contribute their expertise and capacity in support of UN80-aligned initiatives. EY brings deep experience across the UN system as well as across multiple industries—expertise that will be invaluable in shaping new initiatives and collaborations to strengthen the capabilities needed to meet the UN80 commitments. Together, Microsoft and EY are working to anchor this early private-sector coalition in shared purpose and equip the UN with the tools and capabilities to advance reform at scale.

Building on a foundation of impact

This commitment builds on years of concrete collaboration where technology and partnerships have strengthened core UN systems. Through our work with the United Nations Children’s Fund (UNICEF), we’ve helped advance digital learning platforms that have reached millions of children worldwide, ensuring equitable access to education even in the most challenging circumstances. Our engagement with the International Telecommunication Union (ITU) has supported global connectivity initiatives, helping bridge the digital divide and foster inclusive access to technology. In humanitarian settings, our work with the United Nations High Commissioner for Refugees (UNHCR) is advancing AI-powered transcription, translation, and summarization to make refugee onboarding faster and more accessible in some of the world’s toughest environments.

Together with Microsoft’s AI for Good Lab and GitHub, UNHCR has also modernized mapping for the Kakuma refugee camp, enabling humanitarian teams to deliver aid more efficiently, plan infrastructure with precision, and uphold safety and dignity for over 300,000 displaced individuals. We partnered with the International Labour Organization (ILO) and the International Training Centre of the ILO through the Women in Digital Business initiative to equip women entrepreneurs with digital and AI skills—opening doors to growth, reaching new markets, and strengthening economic impact. In remote communities like Kaswanga in Rusinga Island, these tools are breaking barriers and rewriting futures as women turn local crafts and produce into nationwide businesses.

Together, these efforts show how responsible innovation can strengthen the UN’s ability to deliver at scale.

How we will support delivery

To support effective execution of these commitments, Microsoft is standing up a dedicated UN80 engagement team to serve as a point of contact for UN counterparts. This team will engage with UN leadership to help align priorities, coordinate partner contributions, and support the effective deployment of resources as the UN80 initiative takes shape.

UN80 provides an opportunity to build on this foundation and scale what works across the system.

As the UN enters its next 80 years, Microsoft stands with the organization as a committed partner, investing in the systems and capabilities needed to deliver in a changing world. Our hope is that UN80 is more than an aspiration, and that it promotes modernization, accountability, transparency, and efficiency for years to come.

UN does not endorse any company, brand, organization, product or service.


The post A renewed commitment to strengthening the United Nations for its next era appeared first on Microsoft On the Issues.
