China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure

July 21, 2025

The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region.
“The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware,” Kaspersky researchers Denis Kulik and Daniil Pogorelov said. “One of the C2s [command-and-control servers] was a captive

Source: Read More

Previous ArticleIran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

Next Article ⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More

Highlights

CVE-2025-7906 – “Yangzongzhuan RuoYi Unrestricted File Upload Vulnerability”

July 20, 2025

CVE ID : CVE-2025-7906

Published : July 20, 2025, 8:15 p.m. | 3 hours, 2 minutes ago

Description : A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1 and classified as critical. This issue affects the function uploadFile of the file ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

I finally gave NotebookLM my full attention – and it really is a total game changer

Google Chrome for iOS now lets you switch between personal and work accounts

How the Trump administration changed AI: A timeline

Download your photos before AT&T shuts down its cloud storage service permanently

Laravel Live Denmark

Laravel Live Denmark

The July 2025 Laravel Worldwide Meetup is Today

Livewire Security Vulnerability

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Halo and Half-Life combine in wild new mod, bringing two of my favorite games together in one — here’s how to play, and how it works

Surprise! The iconic Roblox ‘oof’ sound is back — the beloved meme makes “a comeback so good it hurts” after three years of licensing issues

China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure

Laravel Live Denmark

The July 2025 Laravel Worldwide Meetup is Today

Develop a Multi-Tool AI Agent with Secure Python Execution using Riza and Gemini

Protect your important files in this encrypted, spacious SSD – now $80 off for Prime Day

CVE-2025-6881 – D-Link jhttpd PPPoE Buffer Overflow Vulnerability

CVE-2025-4759 – Lockfile Lint API Incorrect Behavior Order Vulnerability

CVE-2025-7906 – “Yangzongzhuan RuoYi Unrestricted File Upload Vulnerability”

Rilasciato XLibre 25.0: il nuovo fork del server grafico X.Org si presenta al mondo GNU/Linux

CVE-2024-43394 – Apache HTTP Server Windows SSRF NTLM Hash Leak

Xbox PC App Now Lets You Stream Games You Own

China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure

Related Posts