Chinese hackers targeting ‘high value’ North American critical infrastructure, Cisco says

Hackers affiliated with Chinese government-backed groups have infiltrated critical infrastructure in North America by exploiting vulnerable servers and using compromised credentials. Their campaigns rely on tools such as the Earthworm tunneling utility and on zero-day exploits such as CVE-2025-53690. #UAT8837 #Earthworm

Key points

  • Chinese hacking groups targeted North American critical infrastructure using compromised credentials and exploitable internet-facing servers.
  • The campaign, linked to groups such as UAT-8837, involved stealing credentials and security configurations in order to expand access within victim networks.
  • The group exploited CVE-2025-53690, a Sitecore vulnerability, which suggests it has access to zero-day exploits.
  • Tools such as Earthworm were used to expose internal endpoints and create reverse tunnels that gave the attackers access without being detected.
  • Recent incidents highlight continued Chinese cyber threats against U.S. federal agencies and critical systems.

Read More: https://therecord.media/china-hackers-apt-cisco-talos