CyberSecurityBoard
Sponsor Register Login

Silk Typhoon hackers hijack network captive portals in diplomat attacks

Silk Typhoon, a notorious Chinese state-sponsored hacking group, has been identified hijacking network captive portals to target diplomats and government officials. This sophisticated cyber espionage campaign involves manipulating captive portals—web pages that users must interact with before accessing a network—to intercept and monitor sensitive communications. The attackers exploit vulnerabilities in network infrastructure to gain unauthorized access, enabling them to conduct surveillance and data exfiltration without detection. This method allows Silk Typhoon to bypass traditional security measures, posing a significant threat to diplomatic communications and national security. Organizations are urged to strengthen their network defenses, update firmware, and monitor captive portal configurations to mitigate risks. This incident underscores the evolving tactics of state-sponsored threat actors and the critical need for enhanced cybersecurity protocols in sensitive environments.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 26 Aug 2025 21:35:17 +0000


Cyber News related to Silk Typhoon hackers hijack network captive portals in diplomat attacks

Silk Typhoon hackers now target IT supply chains to breach networks - Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. Microsoft reports that ...
8 months ago Bleepingcomputer.com CVE-2024-3400
Silk Typhoon hackers hijack network captive portals in diplomat attacks - Silk Typhoon, a notorious Chinese state-sponsored hacking group, has been identified hijacking network captive portals to target diplomats and government officials. This sophisticated cyber espionage campaign involves manipulating captive ...
2 months ago Bleepingcomputer.com Silk Typhoon
CISA: Volt Typhoon had access to some U.S. targets for 5 years - U.S. government agencies issued another warning about the significant threat posed by a Chinese nation-state threat group to critical infrastructures, revealing attackers might have been lurking in victims' IT environments for several years. Last ...
1 year ago Techtarget.com CVE-2023-27997 Volt Typhoon
The FBI's Brett Leatherman gives the latest ‘Typhoon’ forecast | The Record from Recorded Future News - We're fully engaged with the victims still, in order to ensure that there's containment, that there remains containment in the environment, and that, as the victims continue to do their work with CISA, their third-party remediation ...
6 months ago Therecord.media Volt Typhoon
Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure - China-backed cyber espionage group Volt Typhoon is systematically targeting legacy Cisco devices in a sophisticated and stealthy campaign to grow its attack infrastructure. In many instances, the threat actor, known for targeting critical ...
1 year ago Darkreading.com Volt Typhoon
Alleged Chinese hacker tied to Silk Typhoon arrested for cyberespionage - ANSA reports that Xu is accused of being linked to the Chinese state-sponsored Silk Typhoon hacking group, aka Hafnium, which has been responsible for a wide range of cyberespionage attacks against the U.S. and other countries. A Chinese ...
4 months ago Bleepingcomputer.com HAFNIUM
Chinese hackers use custom malware to spy on US telecom networks - A primary component of the Salt Typhoon attacks was monitoring network activity and stealing data using packet-capturing tools like Tcpdump, Tpacap, Embedded Packet Capture, and a custom tool called JumbledPath. JumbledPath allowed Salt Typhoon ...
8 months ago Bleepingcomputer.com
China-Linked Volt Typhoon Hackers Possibly Targeting Australian, UK Governments - Chinese state-sponsored hackers are targeting old vulnerabilities in Cisco routers in new attacks apparently aimed at government entities in the US, UK, and Australia, cybersecurity firm SecurityScorecard reports. As part of the observed attacks, the ...
1 year ago Securityweek.com CVE-2019-1653 CVE-2019-1652 Volt Typhoon
Chinese hackers breached National Guard to steal network configurations - The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to ...
3 months ago Bleepingcomputer.com
FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches - In January, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Sichuan Juxinhe Network Technology, a Chinese cybersecurity firm believed to be directly involved in the Salt Typhoon telecom ...
6 months ago Bleepingcomputer.com
China-Sponsored Hackers Lie in Wait to Attack US Infrastructure - In a stark warning this week, the Cybersecurity and Infrastructure Security Agency, FBI, and National Security Agency said that Volt Typhoon has compromised the IT environments of multiple critical infrastructure organizations in such sectors as ...
1 year ago Securityboulevard.com BlackTech Volt Typhoon
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Stealthy KV-botnet hijacks SOHO routers and VPN devices - The Chinese state-sponsored APT hacking group known as Volt Typhoon has been linked to a sophisticated botnet named 'KV-botnet' since at least 2022 to attack SOHO routers in high-value targets. Volt Typhoon commonly targets routers, firewalls, and ...
1 year ago Bleepingcomputer.com Volt Typhoon
Microsoft Warns of Silk Typhoon Hackers Attacking IT Supply Chain - Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese state-sponsored espionage group that has begun targeting common IT solutions including remote management tools and cloud applications to gain ...
8 months ago Cybersecuritynews.com CVE-2025-0282
Chinese Silk Typhoon Hackers Filed 10+ Patents for Highly Intrusive Hacking Tools - Patents for “specially designed computer hard drive decryption software” and “remote cellphone evidence collection software” indicate sophisticated mobile device compromise capabilities that have not been publicly attributed ...
3 months ago Cybersecuritynews.com
Chinese hackers hid in US infrastructure network for 5 years - The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at least five years before being discovered, according to a joint advisory from CISA, the NSA, the FBI, and ...
1 year ago Bleepingcomputer.com Volt Typhoon
Volt Typhoon Hits Multiple Electric Utilities, Expands Cyber Activity - The portion of China's Volt Typhoon advanced persistent threat that focuses on infiltrating operational technology networks in critical infrastructure has already performed reconnaissance and enumeration of multiple US-based electric companies, while ...
1 year ago Darkreading.com Volt Typhoon
Silk Typhoon Targets North American Orgs’ Cloud Environments - Silk Typhoon, a sophisticated Chinese state-sponsored threat group, has been actively targeting cloud environments of North American organizations. This group is known for its advanced cyber espionage tactics, focusing on exploiting cloud ...
2 months ago Darkreading.com CVE-2023-28252 CVE-2023-28253 Silk Typhoon
15 Best Bandwidth Monitoring Tools in 2025 - By providing real-time data on network usage, bandwidth monitoring tools enable proactive management and quick resolution of issues that could impact network performance. It provides real-time monitoring of network performance, traffic analysis, and ...
3 months ago Cybersecuritynews.com
Chinese hackers breach more US telecoms via unpatched Cisco routers - Iniskt Group advises network admins operating Internet-exposed Cisco IOS XE network devices to apply available security patches as soon as possible and avoid exposing administration interfaces or non-essential services directly to the Internet. These ...
8 months ago Bleepingcomputer.com CVE-2023-20198 CVE-2023-20273
China Hijacks Captive Portals to Spy on Asian Diplomats - A sophisticated cyber espionage campaign attributed to Chinese threat actors has been uncovered, targeting Asian diplomats through the hijacking of captive portals. These portals, commonly used in public Wi-Fi networks to authenticate users, were ...
2 months ago Darkreading.com Chinese threat actors
Chinese Volt Typhoon Hackers Exploiting Cisco & NetGear Routers To Compromise Organizations - Security researchers have identified Volt Typhoon deploying sophisticated techniques to compromise outdated Cisco RV320/325 and NetGear ProSafe routers, converting them into covert relay nodes for command-and-control operations. The Chinese ...
7 months ago Cybersecuritynews.com CVE-2024-39717 Volt Typhoon
Feds Confirm Remote Killing of Volt Typhoon's SOHO Botnet - US law enforcement has disrupted the infrastructure of the notorious China-sponsored cyberattack group known as Volt Typhoon. The state-backed group uses it as a launchpad for other attacks, particularly on US critical infrastructure, because the ...
1 year ago Darkreading.com Volt Typhoon
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto, and F5 Vulnerabilities to Target Organizations Globally - Salt Typhoon, a sophisticated cyber espionage group, has been actively exploiting critical vulnerabilities in widely used enterprise software from Cisco, Ivanti, Palo Alto Networks, and F5 Networks. These exploits allow the threat actors to gain ...
2 months ago Thehackernews.com CVE-2025-12345 CVE-2024-56789 CVE-2024-98765 Salt Typhoon
Chinese Companies Linked With Hackers Filed Patents Over 10+ Forensics and Intrusion Tools - The patents, registered by firms named in recent U.S. Department of Justice indictments, detail sophisticated offensive capabilities including encrypted endpoint data acquisition, mobile device forensics, and network traffic interception from routers ...
3 months ago Cybersecuritynews.com HAFNIUM

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)