china-nexus
Safeguard articles tagged "china-nexus" — guides, analysis, and best practices for software supply chain and application security.
4 articles
ESET's May 2026 APT Report: Oil Shipments, Drone Makers, and a Poisoned npm Library
ESET's APT Activity Report (May 28, 2026) maps China-, North Korea-, Russia-, and Iran-aligned operations from October 2025 to March 2026 — including BlueNoroff's compromise of the axios npm package, a textbook supply-chain espionage event.
Nation-State Actors Operationalize AI: Inside GTIG's May 2026 Threat Tracker
Google's Threat Intelligence Group documented China, North Korea, Russia, and Iran moving AI from experiment to operations in May 2026 — AI-assisted vulnerability research, LLM-enabled malware, and obfuscated model-access infrastructure.
Shadow-Earth-053: China-Aligned Espionage Across Asia and a NATO State (May 2026)
Trend Micro's May 1, 2026 disclosure of Shadow-Earth-053 documents a China-aligned campaign exploiting N-day Exchange and IIS flaws to plant Godzilla web shells and ShadowPad across government, defense, and civil-society targets in eight-plus countries.
Ivanti Connect Secure CVE-2025-22457: Another Critical Zero-Day, Same Product
A stack-based buffer overflow in Ivanti Connect Secure was exploited by Chinese threat actors just months after the previous zero-day in the same product. The vulnerability was initially misclassified as low-risk.