Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

What’s new

Chinese cyber espionage groups, including Murky Panda, Genesis Panda, and Glacial Panda, have intensified their operations targeting cloud and telecom sectors. Murky Panda exploits trusted relationships and vulnerabilities in internet-facing appliances to gain access to enterprise networks, deploying custom malware like CloudedHope. Genesis Panda focuses on cloud service provider accounts for intelligence collection, while Glacial Panda targets telecommunications organizations to exfiltrate sensitive data using known vulnerabilities and trojanized components.

Who’s affected

Organizations in the government, technology, academic, legal, professional services, financial services, media, and telecommunications sectors across North America and several other countries are at risk from these attacks.

What to do

  • Implement robust security measures for internet-facing appliances and cloud services.
  • Regularly update and patch systems to mitigate known vulnerabilities, including CVE-2023-3519 and CVE-2025-3928.
  • Monitor for unusual activity and unauthorized access attempts in cloud environments.
  • Conduct security assessments to identify and remediate weaknesses in identity and access management.
