Computer Weekly

Warlock ransomware may be linked to Chinese state

An emergent strain of ransomware known as Warlock – which was linked to multiple attacks orchestrated via vulnerabilities in on-premise Microsoft SharePoint Server instances during the summer of 2025 ...
Dark Reading

Chinese APT Group Likely Using Ransomware Attacks as Cover for IP Theft

A China-based advanced persistent threat (APT) actor, active since early 2021, appears to be using ransomware and double-extortion attacks as camouflage for systematic, government-sponsored ...
Business Wire

Sygnia First to Link Two Ransomware Groups to Larger Chinese Threat Actor, Dubbed ‘Emperor Dragonfly’

In a new report, Sygnia’s Incident Response (IR) team connects Night Sky and Cheerscrypt activity to one unified threat group targeting Windows and VMWare ESXi environments TEL AVIV, Israel & NEW YORK ...
Seeking Alpha

CrowdStrike 2025 APJ eCrime Landscape Report: Chinese Underground Marketplaces Drive Billions in Illicit Transactions; AI-accelerated Ransomware Surges

Chinese-speaking actors evade government restrictions and solicit criminal services through anonymized marketplaces; AI-accelerated ransomware operations signal next evolution of threats At the same ...