Operation Sea Elephant aims to spy on Chinese scientific research achievements in the field of ocean to ensure the dominance of a certain country in South Asia in the Indian Ocean.
In mid-2024 QiAnXin Threat Intelligence Center researchers discovered the South Asian direction attack collection numbered UTG-Q-011, which, despite the fact that the collection’s subsequent plug-ins differed too much from the CNC, had the same backdoor and the same codebase as used by the CNC group, and ultimately treated UTG-Q-011 as a subset of the CNC for the purpose of research. This paper concludes with disclosures on this topic.
Read more…
Source: QiAnXin Threat Intelligence Center
Related:
- LexisNexis hacked, 2 GB of structured data allegedly exposed
March 3, 2026
The hacker group FulcrumSec is taking responsibility for a data breach of information from LexisNexis. The group claims to have hacked into the LexisNexis servers on Feb. 24. It posted about the hack and alleged it got access to over 2 gigabytes of structured data. “We exfiltrated 2.04 GB of structured data from LexisNexis AWS infrastructure ...
- Scammers try to SIM-swap Dubai citizens hours after Iranian missile strikes
March 2, 2026
Scammers targeted Dubai citizens mere hours after missiles struck the city, attempting to gain access to their bank accounts, police have warned. Financially motivated cybercriminals are contacting citizens under the guise of Dubai Crisis Management, a fictitious department ostensibly tied to Dubai Police, in attempts to gather information that could be used in SIM-swap attacks. The ...
- New Android malware can hack every top phone maker’s security, and costs less than a second-hand iPhone
February 28, 2026
Oblivion is a newly observed Android Remote Access Trojan which reportedly targets a range of popular devices running Android 8 through 16. Security researchers at Certo have examined the tool, which is sold on a subscription basis starting at $300, and claims to be capable of working on heavily customized systems from Samsung, Xiaomi, and ...
- 15 million French citizens affected by massive data breach following cyberattack on medical software
February 27, 2026
A massive data breach concerning the data of 15 million people in France has been revealed after a cyberattack targeted 1,500 doctors using medical software. The administrative data of around 15 million French citizens, along with notes written by their doctors, were leaked in a large-scale breach targeting 1,500 doctors using a medical software from Cegedim ...
- Ransomware payments drop to record low, even as attacks surge
February 27, 2026
Ransomware groups have never been this active, but have also never extorted this little money, new research has claimed. Market analysts Chainalysis found the number of ransomware incidents in 2025 rose by 50% compared to the previous year, earning criminals $820 million – although this number may still rise as more incidents are attributed to ransomware ...
- CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems
February 25, 2026
CISA and partners have observed malicious cyber actors targeting and compromising Cisco SD-WAN systems of organizations, globally. These actors have been observed exploiting a previously undisclosed authentication bypass vulnerability, CVE-2026-20127, for initial access before escalating privileges using CVE-2022-20775 and establishing long-term persistence in Cisco SD-WAN systems. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Sign up for the ...