Taiwan Security Firm Confirms CISA Flagged Vulnerability Exploited by Chinese APT Groups


Vulnerability in Security Product Exploited by Chinese Threat Actors

A Taiwan-based cybersecurity firm has confirmed that a recently disclosed vulnerability in one of its own security products was exploited by Chinese threat actors.

Vulnerability Details

The vulnerability, tracked as CVE-2024-7694, was added to the US Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog last week. It is an arbitrary file upload flaw: an attacker who already holds administrative privileges on the product can upload a malicious file and use it to execute arbitrary commands on the server. The administrative prerequisite makes this a post-authentication bug, so exploitation in practice depends on the attacker first obtaining valid credentials or another foothold; it does not make the flaw low-impact, since an admin session on a security product's server is exactly what a determined intruder aims for.
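The bug class described above, unvalidated file upload leading to code execution, is easiest to understand with an unsafe handler next to a hardened one. The following is an added illustration and is not ThreatSonar's code; the article does not describe the product's internals. The directory layout (an uploads/ directory beside a hooks/ directory that the server executes scripts from), the extension allowlist and the size limit are assumptions made for the demonstration.

```python
"""Unvalidated file upload, unsafe and hardened side by side.

Added illustration of the bug class; not ThreatSonar's code. The layout
(uploads/ beside a hooks/ directory the server runs scripts from) is assumed.
"""
import os
import secrets
import tempfile

ALLOWED_EXTENSIONS = {".csv", ".txt"}   # assumed: the feature only ingests text data
MAX_SIZE = 1024 * 1024                  # assumed 1 MiB limit


def make_layout(base_dir):
    """Create the assumed layout: an upload directory and a sibling hooks directory."""
    for name in ("uploads", "hooks"):
        os.makedirs(os.path.join(base_dir, name), exist_ok=True)


def save_upload_unsafe(base_dir, client_name, data):
    """Vulnerable pattern: the client-supplied name is joined straight onto the
    upload directory and the content is never inspected. A name such as
    '../hooks/post_upload.sh' lands in the hooks directory with any content."""
    dest = os.path.join(base_dir, "uploads", client_name)
    with open(dest, "wb") as fh:
        fh.write(data)
    return dest


def save_upload_safe(base_dir, client_name, data):
    """Hardened version: size cap, extension allowlist applied to the basename
    only, a content check that does not trust the name, a server-generated
    filename, and a final containment check on the resolved path."""
    upload_dir = os.path.realpath(os.path.join(base_dir, "uploads"))
    if len(data) > MAX_SIZE:
        raise ValueError("upload too large")
    ext = os.path.splitext(os.path.basename(client_name))[1].lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise ValueError("extension %r not allowed" % ext)
    # Text uploads carry no NUL bytes and never start with a shebang; reject
    # content that looks executable regardless of what the name claims.
    if b"\x00" in data or data.startswith(b"#!"):
        raise ValueError("content is not a text file")
    dest = os.path.join(upload_dir, secrets.token_hex(16) + ext)
    if os.path.commonpath([upload_dir, os.path.realpath(dest)]) != upload_dir:
        raise ValueError("path escapes upload directory")
    # O_EXCL: never overwrite an existing file; 0o600: not executable, owner-only.
    fd = os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return dest


def demo():
    """Run both handlers on constructed inputs and report what each did."""
    base_dir = tempfile.mkdtemp()
    make_layout(base_dir)
    hooks_dir = os.path.realpath(os.path.join(base_dir, "hooks"))
    script = b"#!/bin/sh\nid\n"          # constructed payload; nothing here executes it
    results = {}
    written = save_upload_unsafe(base_dir, "../hooks/post_upload.sh", script)
    results["unsafe_wrote_into_hooks"] = os.path.realpath(written).startswith(hooks_dir + os.sep)
    cases = {
        "traversal_name": ("../hooks/post_upload.sh", script),
        "script_with_csv_name": ("report.csv", script),
        "genuine_csv": ("report.csv", b"host,alert\nweb01,ransomware\n"),
    }
    for label, (name, data) in cases.items():
        try:
            save_upload_safe(base_dir, name, data)
            results[label] = "accepted"
        except ValueError as exc:
            results[label] = "rejected: " + str(exc)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The point of the hardened version is that no single check carries the weight: the allowlist stops the traversal case, the content check stops a script renamed to .csv, and the server-generated name plus the realpath containment check mean the client string never reaches the filesystem even if a later refactor weakens the earlier checks.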

Exploitation and Patching

TeamT5, the firm in question, patched the vulnerability in August 2024, but not before it was exploited in a highly targeted attack against a small number of its high-profile customers.

TeamT5’s investigation found that the threat actor invested significant resources into finding a vulnerability in its ThreatSonar product, which is used by government agencies and other organizations in the United States, Japan, and Taiwan.

The company has confirmed that all customers were notified and assisted with patching and mitigations at the time of the attack.

Attribution and Impact

According to TeamT5, the exploitation was part of a supply chain attack likely conducted by Chinese Advanced Persistent Threat (APT) groups, which the company tracks as Slime57 and Slime62.

The attackers routed their activity through hundreds of compromised devices in Taiwan to mask the true origin of the attack.

Under CISA's Binding Operational Directive 22-01, US federal civilian agencies must remediate every vulnerability in the KEV catalog by its listed due date; for CVE-2024-7694 that deadline is March 10.
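Tracking KEV due dates against an asset inventory is routine work for a vulnerability management team, and the feed is easy to consume. The following is an added example, not code from the article or from CISA: KEV_SAMPLE is a constructed one-entry catalog that uses the field names of CISA's KEV JSON feed (published at https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json), the findings are constructed scanner output, and the dateAdded and description values are placeholders; only the CVE ID, vendor, product and March 10 due date come from the article.

```python
"""Join scanner findings against a KEV-style catalog and compute remediation status.

Added example. KEV_SAMPLE is a constructed catalog using the KEV feed's field
names; dateAdded and the description strings are placeholders.
"""
import json
from datetime import date

KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {
            "cveID": "CVE-2024-7694",
            "vendorProject": "TeamT5",
            "product": "ThreatSonar",
            "vulnerabilityName": "placeholder name",       # constructed
            "dateAdded": "2025-02-18",                      # constructed
            "shortDescription": "placeholder description",  # constructed
            "requiredAction": "Apply mitigations per vendor instructions.",
            "dueDate": "2025-03-10",                        # from the article
            "knownRansomwareCampaignUse": "Unknown",
            "notes": "",
        }
    ],
})

# Constructed scanner output: host -> CVEs reported on it.
FINDINGS = {
    "console01.example.internal": ["CVE-2024-7694"],
    "console02.example.internal": ["CVE-2024-7694"],
    "web01.example.internal": [],
}


def load_kev(raw_json):
    """Index a KEV feed by CVE ID, parsing the due date into a date object."""
    catalog = {}
    for entry in json.loads(raw_json)["vulnerabilities"]:
        catalog[entry["cveID"]] = {
            "vendor": entry["vendorProject"],
            "product": entry["product"],
            "due": date.fromisoformat(entry["dueDate"]),
            "action": entry["requiredAction"],
        }
    return catalog


def kev_status(findings, catalog, today):
    """Return one row per (host, KEV-listed CVE) with the days left until the
    KEV due date (negative once overdue). Findings not in the catalog are skipped."""
    rows = []
    for host, cves in sorted(findings.items()):
        for cve in cves:
            entry = catalog.get(cve)
            if entry is None:
                continue
            rows.append({
                "host": host,
                "cve": cve,
                "product": entry["vendor"] + " " + entry["product"],
                "days_left": (entry["due"] - today).days,
                "overdue": today > entry["due"],
            })
    return rows


def summarize(rows):
    """Headline numbers for a report: distinct hosts affected and overdue rows."""
    return {
        "hosts_affected": len({r["host"] for r in rows}),
        "overdue": sum(1 for r in rows if r["overdue"]),
    }


if __name__ == "__main__":
    catalog = load_kev(KEV_SAMPLE)
    for row in kev_status(FINDINGS, catalog, date.today()):
        print(row)
```

Joining on the CVE ID rather than on vendor and product strings avoids the fuzzy matching problem that KEV's free-text vendorProject and product fields otherwise cause; the product string is carried along only for the report.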

The fact that the vulnerability was exploited by Chinese APTs is not surprising, given the groups’ history of targeting supply chain vulnerabilities.

TeamT5 has stated that it is confident that no users are currently running a vulnerable version of its software, as all customers were updated in 2024.

The company’s confirmation of the exploitation highlights the ongoing threat posed by Chinese APTs and the importance of patching vulnerabilities in a timely manner.
