Wednesday , July 1 2026
firewall

U.S. Charges Chinese man linked to global Firewall hack

A federal court in Hammond, Indiana, has unsealed an indictment against Guan Tianfeng, a Chinese citizen, for allegedly hacking firewall devices globally in 2020. Guan and his co-conspirators, employed by Sichuan Silence Information Technology Co. Ltd., targeted a previously unknown vulnerability (an “0-day” vulnerability) in firewalls produced by U.K.-based Sophos Ltd., a cybersecurity firm.

Source: FBI

The malware created by Guan was meant to steal information and encrypt files on infected computers if victims tried to fix the issue. Overall, Guan and his team infected around 81,000 firewall devices globally, including one used by a U.S. agency.

Apple fixes more than 30 iOS, macOS, and Safari flaws

Apple released security updates on Monday for iOS, macOS, and Safari. These updates fix more than thirty issues, including four...
Read More
Apple fixes more than 30 iOS, macOS, and Safari flaws

Attackers exploit critical flaw in Oracle E-Business

Attackers are now using a flaw (called CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial app, according to the security...
Read More
Attackers exploit critical flaw in Oracle E-Business

WhatsApp to allow usernames instead of phone numbers

WhatsApp is about to release a big update that may change how people communicate on the app. Soon, users can...
Read More
WhatsApp to allow usernames instead of phone numbers

Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem

The Linux Foundation said on Thursday that they are starting a new project to fix flaws in open source software...
Read More
Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem

Data breach affects 14.2 million email logins across six ISPs

KDDI Corporation, a Japanese telecom company, revealed a data breach. Hackers got into one of its email systems that five...
Read More
Data breach affects 14.2 million email logins across six ISPs

Asian Two AI startups launch Mythos-like Model

Two Asian AI companies have released new models this week that compete with Anthropic’s recently limited Mythos and Fable models,...
Read More
Asian Two AI startups launch Mythos-like Model

Polymarket Hack Reportedly Results in $3 Million Theft

Polymarket is a platform for prediction markets using cryptocurrency. It lets users bet on what might happen in real-life events...
Read More
Polymarket Hack Reportedly Results in $3 Million Theft

Anthropic Confirms US Infrastructure Redeployment of Claude Mythos 5

Anthropic said that Claude Mythos 5, its strongest AI security model, will be sent back to some U.S. orgs that...
Read More
Anthropic Confirms US Infrastructure Redeployment of Claude Mythos 5

Hackers Target Cloudflare-Hosted AWS Domains to Steal Console Logins

A complex phishing attack targets AWS console users by misusing Cloudflare-hosted websites to steal login details. Each domain had a nearly...
Read More
Hackers Target Cloudflare-Hosted AWS Domains to Steal Console Logins

Daily Cyber security update for 26. 06. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 26. 06. 2026

“The defendant and his co-conspirators exploited a vulnerability in tens of thousands of network security devices, infecting them with malware designed to steal information from victims around the world,” said Deputy Attorney General Lisa Monaco. “Today’s indictment reflects the Justice Department’s commitment to working with partners across government and across the globe to detect and hold accountable malicious cyber actors based in China or elsewhere who pose a threat to global cybersecurity.”

Assistant Attorney General Matthew G. Olsen stated, “The defendant and his associates compromised tens of thousands of firewalls, putting devices that protect computers worldwide at risk. The Department of Justice will hold accountable those involved with China-based companies that carry out indiscriminate hacks and harm global cybersecurity.”

The US Department of State has offered a reward of up to $10 million for information about Sichuan Silence or Guan. Due to sanctions, any money or assets they hold in the US must be blocked and reported to OFAC.

The Treasury’s OFAC reported that Tianfeng used a zero-day exploit to install malware on about 81,000 firewalls belonging to various businesses worldwide from April 22 to 25, 2020.

Over 23,000 of these firewalls were in the US, including 36 that safeguarded critical infrastructure companies.

The SQLi vulnerability (CVE 2020-12271) was exploited with a command injection to gain root access and install the Asnarök Trojan on the device.

Sophos’ rapid response mitigated potential damage, but the attack continues to highlight that “the scale and persistence of Chinese nation-state adversaries poses a significant threat to critical infrastructure, as well as unsuspecting, everyday businesses,” Sophos said.

In October 2024, cybersecurity company Sophos began a five-year study tracking coordinated campaigns by Chinese groups targeting perimeter devices from 2018-2023, called ‘Pacific Rim.’

Ross McKerchar, CISO at Sophos, supported the sanctions, highlighting the importance of working together to address the threat from Chinese groups.

“The scale and persistence of Chinese nation-state adversaries poses a significant threat to critical infrastructure, as well as unsuspecting, everyday businesses as noted in Sophos’ Pacific Rim investigation report. Their relentless determination redefines what it means to be an Advanced Persistent Threat; disrupting this shift demands individual and collective action across the industry, including with law enforcement,” he noted.

Check Also

Claude Mythos 5

Anthropic Confirms US Infrastructure Redeployment of Claude Mythos 5

Anthropic said that Claude Mythos 5, its strongest AI security model, will be sent back …