China
DAEMON Tools Supply Chain Compromise: Signed Installers Backdoored Since April 8, Chinese Actor Suspected
Trojanized DAEMON Tools Lite installers signed with the legitimate vendor certificate distributed a multi-protocol backdoor for nearly a month. Kaspersky telemetry shows infection attempts in 100+ countries, with a second-stage implant on government and scientific targets in Russia, Belarus, and Thailand.
FBI Classifies Salt Typhoon Breach of Wiretap Infrastructure as 'Major Cyber Incident'
The FBI has formally classified the Salt Typhoon compromise of its DCSNet wiretap system as a FISMA major incident, the bureau's first such designation since 2020.