#unc5174 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #unc5174, aggregated by home.social.
-
Federal agencies are racing to patch a VMware Tools flaw that lets hackers grab root access—Chinese state-backed group UNC5174 has been exploiting it. What does this mean for digital security? Read on for the full story.
#vmwaretools
#cve202541244
#cybersecurity
#cisa
#unc5174
#vulnerabilitymanagement
#patching
#infosec -
Podniesienie uprawnień w VMware – grupa UNC5174 powiązana z Chinami wykorzystuje lukę CVE-2025-41244
29 września 2025 r. Broadcom poinformował o luce bezpieczeństwa CVE-2025-41244 w oprogramowaniu VMware Tools i VMware Aria, umożliwiającej lokalną eskalację uprawnień. Zgodnie z opinią badaczy z NVISO, luka była aktywnie wykorzystywana jako zero-day od co najmniej października 2024 roku. Za atakami stała grupa UNC5174 utożsamiana przez analityków z chińskim aparatem...
-
You name it, VMware elevates it (CVE-2025-41244)
#CVE_2025_41244 #UNC5174
https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/ -
A tiny flaw in VMware has granted state-sponsored hackers root access worldwide—how did an overlooked vulnerability turn into a global security nightmare?
#cve202541244
#vmwarevulnerability
#cyberespionage
#zerodayexploit
#unc5174 -
A tiny flaw in VMware has granted state-sponsored hackers root access worldwide—how did an overlooked vulnerability turn into a global security nightmare?
#cve202541244
#vmwarevulnerability
#cyberespionage
#zerodayexploit
#unc5174 -
A tiny flaw in VMware has granted state-sponsored hackers root access worldwide—how did an overlooked vulnerability turn into a global security nightmare?
#cve202541244
#vmwarevulnerability
#cyberespionage
#zerodayexploit
#unc5174 -
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
#SentinelOne discovered the campaign when they tried to hit the #security vendor's own servers
In their report, they describe a series of intrusions between July 2024 and March 2025 involving #ShadowPad #malware and post-exploitation espionage activity that SentinelOne has dubbed "#PurpleHaze", publicly reported as #APT15 and #UNC5174, And they're blaming #China.
https://www.theregister.com/2025/06/09/china_malware_flip_switch_sentinelone/ -
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
#SentinelOne discovered the campaign when they tried to hit the #security vendor's own servers
In their report, they describe a series of intrusions between July 2024 and March 2025 involving #ShadowPad #malware and post-exploitation espionage activity that SentinelOne has dubbed "#PurpleHaze", publicly reported as #APT15 and #UNC5174, And they're blaming #China.
https://www.theregister.com/2025/06/09/china_malware_flip_switch_sentinelone/ -
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
#SentinelOne discovered the campaign when they tried to hit the #security vendor's own servers
In their report, they describe a series of intrusions between July 2024 and March 2025 involving #ShadowPad #malware and post-exploitation espionage activity that SentinelOne has dubbed "#PurpleHaze", publicly reported as #APT15 and #UNC5174, And they're blaming #China.
https://www.theregister.com/2025/06/09/china_malware_flip_switch_sentinelone/ -
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
#SentinelOne discovered the campaign when they tried to hit the #security vendor's own servers
In their report, they describe a series of intrusions between July 2024 and March 2025 involving #ShadowPad #malware and post-exploitation espionage activity that SentinelOne has dubbed "#PurpleHaze", publicly reported as #APT15 and #UNC5174, And they're blaming #China.
https://www.theregister.com/2025/06/09/china_malware_flip_switch_sentinelone/ -
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
#SentinelOne discovered the campaign when they tried to hit the #security vendor's own servers
In their report, they describe a series of intrusions between July 2024 and March 2025 involving #ShadowPad #malware and post-exploitation espionage activity that SentinelOne has dubbed "#PurpleHaze", publicly reported as #APT15 and #UNC5174, And they're blaming #China.
https://www.theregister.com/2025/06/09/china_malware_flip_switch_sentinelone/ -
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS – Source:hackread.com https://ciso2ciso.com/chinese-linked-hackers-targeted-70-global-organizations-sentinellabs-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #CyberAttacks #SentinelLABS #SentinelOne #PurpleHaze #Hackread #security #UNC5174 #APT15 #China
-
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS – Source:hackread.com https://ciso2ciso.com/chinese-linked-hackers-targeted-70-global-organizations-sentinellabs-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #CyberAttacks #SentinelLABS #SentinelOne #PurpleHaze #Hackread #security #UNC5174 #APT15 #China
-
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS – Source:hackread.com https://ciso2ciso.com/chinese-linked-hackers-targeted-70-global-organizations-sentinellabs-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #CyberAttacks #SentinelLABS #SentinelOne #PurpleHaze #Hackread #security #UNC5174 #APT15 #China
-
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS – Source:hackread.com https://ciso2ciso.com/chinese-linked-hackers-targeted-70-global-organizations-sentinellabs-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #CyberAttacks #SentinelLABS #SentinelOne #PurpleHaze #Hackread #security #UNC5174 #APT15 #China
-
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS https://hackread.com/chinese-linked-hackers-targeted-global-organizations/ #CyberAttacks #SentinelLABS #SentinelOne #PurpleHaze #Security #UNC5174 #APT15 #China
-
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS https://hackread.com/chinese-linked-hackers-targeted-global-organizations/ #CyberAttacks #SentinelLABS #SentinelOne #PurpleHaze #Security #UNC5174 #APT15 #China
-
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS https://hackread.com/chinese-linked-hackers-targeted-global-organizations/ #CyberAttacks #SentinelLABS #SentinelOne #PurpleHaze #Security #UNC5174 #APT15 #China
-
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS https://hackread.com/chinese-linked-hackers-targeted-global-organizations/ #CyberAttacks #SentinelLABS #SentinelOne #PurpleHaze #Security #UNC5174 #APT15 #China
-
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
#CVE_2025_31324 #UNC5221 #UNC5174 #CL_STA_0048 #SNOWLIGHT
https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures -
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
#CVE_2025_31324 #UNC5221 #UNC5174 #CL_STA_0048 #SNOWLIGHT
https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures -
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
#CVE_2025_31324 #UNC5221 #UNC5174 #CL_STA_0048 #SNOWLIGHT
https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures -
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
#CVE_2025_31324 #UNC5221 #UNC5174 #CL_STA_0048 #SNOWLIGHT
https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures -
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
#CVE_2025_31324 #UNC5221 #UNC5174 #CL_STA_0048 #SNOWLIGHT
https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures -
UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell
#UNC5174
https://sysdig.com/blog/unc5174-chinese-threat-actor-vshell/ -
Mandiant reported on the N-day exploitation of CVE-2023-46747 (9.8 critical, disclosed 26 October 2023 by F5, added to CISA KEV on 31 October 2023) unauthenticated RCE and ConnectWise CVE-2024-1709 (10.0 critical, disclosed 19 February 2024 by ConnectWise as exploited zero-day, in KEV) by the Chinese threat actor UNC5174, who they assess to be acting as a contractor for China's Ministry of State Security (MSS). Mandiant provides timeline and evidence of exploitation, post-exploitation tactics, custom malware and tooling. IOC and detection rules provided. 🔗 https://www.mandiant.com/resources/blog/initial-access-brokers-exploit-f5-screenconnect
#UNC5174 #China #cyberespionage #threatintel #IOC #MSS #CVE_2023_46747 #CVE_2024_1709 #F5 #ConnectWise #ScreenConnect #eitw #activeexploitation #KEV