China-linked hackers exploited Sitecore zero-day for initial access

An advanced threat actor tracked as UAT-8837 and believed to be linked to China has been focusing on critical infrastructure ...
The Hacker News

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

China-linked attackers used Venezuela-themed phishing and DLL side-loading to deploy the LOTUSLITE backdoor against U.S.

CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks

CISA has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in ...