A threat actor linked to China is actively targeting North American critical infrastructure using advanced tactics, including zero-day exploits and open-source tools. This group demonstrates a high level of sophistication, potentially enabling future supply chain attacks and persistent infiltration. #UAT-8837 #ChinaNexus
Key points
- The threat group UAT-8837 has been targeting North American critical infrastructure since 2025.
- They exploit zero-day vulnerabilities like CVE-2025-53690 to access networks undetected.
- The group employs open-source tools and living-off-the-land techniques to evade detection.
- Tools such as Earthworm, GoToken Theft, SharpHound, and Certipy are integral to their operations.
- Recent theft of DLLs points to a potential future supply chain compromise.
Read More: https://securityonline.info/zero-day-threat-uat-8837-targets-north-american-infrastructure/