> TritonInfoSec News
Home / May 22, 2026 / Story
0
#8 BleepingComputer general May 21, 2026 at 14:00 UTC

Chinese hackers target telcos with new Linux, Windows malware

By Bill Toulas

AI Summary

Chinese APT actors linked to cyber-espionage campaigns have been deploying two newly identified malware families — Showboat (Linux SOCKS5 proxy/backdoor) and JFMBackdoor (Windows) — against telecommunications providers in the Middle East and Central Asia since at least mid-2022. Lumen Technologies researchers found Showboat is a modular post-exploitation framework capable of spawning remote shells, transferring files, and proxying traffic. The shared tooling across multiple Chinese APT groups suggests coordinated infrastructure targeting strategic communications providers.

Read full article → https://www.bleepingcomputer.com/news/security/chi…

Relevance score: 75.0/100

# More from May 22

  1. 1
    GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension The Hacker News
  2. 2
    Microsoft Warns of Two Actively Exploited Defender Vulnerabilities The Hacker News
  3. 3
    9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros The Hacker News
  4. 4
    Max severity Cisco Secure Workload flaw gives Site Admin privileges BleepingComputer
  5. 5
    Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks The Hacker News
  6. 6
    Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada Krebs on Security
  7. 7
    Hackers bypass SonicWall VPN MFA due to incomplete patching BleepingComputer
  8. 9
    European authorities take down prolific cybercrime VPN service CyberScoop
  9. 10
    7-Eleven confirms breach after ShinyHunters claims The Record