Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA and NCSC-UK China-nexus covert device networks advisory

Advisory/Mitigation
First reported
Last updated
Happening score
H score 25
1 unique sources, 1 articles

Summary

Hide ▲

CISA and NCSC-UK released a new advisory warning organizations about Chinese government-linked covert networks built from compromised devices. The guidance says weak home, small-office, and IoT devices can be chained into botnets that support spying, break-ins, device control, and data theft. Defenders are urged to map edge devices, baseline normal connections, retain logs, and enable multifactor authentication to reduce the risk of organizational compromise.

Related Happenings

CISA zero-trust SASE guidance for TIC 3.0

Public Sector Action
H score30 First: 25.06.2026 14:30 Last: 25.06.2026 14:30 Sources 1

About this happening: CISA published **new guidance** on **June 24** for **federal civilian executive branch agencies** to replace legacy internet gateways with **SASE** as part of the move from **TIC...

CISA FortiBleed mitigation guidance

Advisory/Mitigation
H score67 First: 19.06.2026 09:47 Last: 19.06.2026 09:47 Sources 1

About this happening: **CISA** issued mitigation guidance for **FortiBleed**, urging operators of **internet-accessible Fortinet devices** to harden exposed **FortiGate** and VPN environments after a *...

CISA automatic tank gauge system mitigations

Advisory/Mitigation
H score20 First: 02.06.2026 15:00 Last: 02.06.2026 15:00 Sources 1

About this happening: **CISA**, **FBI**, **NSA**, and the **Department of Energy** warned that attackers are targeting **internet-exposed automatic tank gauge (ATG) systems** used to monitor fuel and l...

Healthcare phishing defense guidance for VPN MFA and continuous training

Defensive Guidance
H score16 First: 22.05.2026 16:17 Last: 22.05.2026 16:17 Sources 1

About this happening: Healthcare defenders were urged to treat **phishing** as a top priority, which matters because social engineering is a direct path to **credential abuse** in clinical environments...

AWS exposed-key hardening guidance for Amazon SES phishing abuse

Defensive Guidance
H score14 First: 04.05.2026 23:03 Last: 04.05.2026 23:03 Sources 1

About this happening: **Kaspersky** urged organizations to harden **AWS IAM** and credential handling after **exposed access keys** were linked to phishing delivery through **Amazon SES**, reducing the...

Timeline

  1. 23.04.2026 15:00 2 articles · 2mo ago

    CISA and NCSC-UK release covert device network advisory

    Initial Disclosure

    CISA, NCSC-UK, and global partners released an advisory on Chinese government-linked covert networks built from compromised devices, warning that groups such as Volt Typhoon and Flax Typhoon use weak home, small-office, and IoT devices in botnets to hide malicious activity including spying, break-ins, device control, and data theft. The advisory urges organizations to map network edge devices, baseline normal connections, retain log collection and storage, and enable multifactor authentication to reduce the risk of organizational compromise.

    Show sources