VulnHub

Real-time Cybersecurity News

Risky Chinese Electric Buses Spark Aussie Gov't Review

darkreading
Critical

Overview

Concerns have arisen over China's electric buses, which are currently in use across Australia and Europe. These buses have been found to have vulnerabilities that could be exploited by cybercriminals. Additionally, there is a worrying feature described as a virtual kill switch, which could potentially be activated by the Chinese government. This has prompted the Australian government to review the security implications of these vehicles. The situation raises significant questions about the safety of critical infrastructure and the potential risks posed by foreign technology in public transport systems.

Key Takeaways

  • Affected Systems: Chinese electric buses deployed in Australia and Europe
  • Timeline: Ongoing since recent reports

Original Article Summary

Deployed across Australia and Europe, China's electric buses are vulnerable to cybercriminals and sport a virtual kill switch the Chinese state could activate.

Impact

Chinese electric buses deployed in Australia and Europe

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Timeline

Ongoing since recent reports

Remediation

Not specified

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Critical.

Read Original Article

Related Coverage

CISA tells agencies to stop using unsupported edge devices

CyberScoop

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive urging federal agencies to stop using unsupported edge devices. This directive aims to address vulnerabilities that have been exploited in significant cyberattacks in recent years. Unsupported edge devices can pose serious security risks, as they no longer receive updates or patches, making them easy targets for attackers. By discontinuing the use of these devices, agencies can better protect their networks and sensitive data. This move is part of a broader effort to enhance cybersecurity across the federal government and ensure that agencies are not exposed to avoidable risks.

Feb 5, 2026

AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

The Hacker News

The AISURU/Kimwolf botnet has launched a massive DDoS attack that peaked at an astonishing 31.4 Terabits per second, lasting just 35 seconds. This attack is part of a growing trend of extremely high-volume HTTP DDoS assaults that the botnet has been executing throughout the fourth quarter of 2025. Cloudflare, a cybersecurity company that monitors these incidents, successfully detected and mitigated the attack, preventing potential disruptions to online services. Such high-capacity attacks pose significant risks to internet infrastructure and can overwhelm even the most fortified systems, affecting businesses and users alike. As these types of attacks become more common, organizations need to bolster their defenses against DDoS threats.

Feb 5, 2026

AI-assisted cloud breach achieved in record 8 minutes

SCM feed for Latest

A recent cybersecurity incident saw attackers breach a cloud environment in just eight minutes, using exposed test credentials that were found in a public S3 bucket. This rapid breach highlights the dangers of improperly secured cloud storage and the need for better credential management practices. Organizations using cloud services should ensure that sensitive information is not publicly accessible and that test credentials are properly safeguarded. The incident serves as a stark reminder that even minor oversights can lead to significant security breaches, potentially compromising sensitive data. Companies need to take immediate action to review their cloud configurations and implement stricter access controls.

Feb 5, 2026

Alleged 764 member arrested, charged with CSAM possession in New York

CyberScoop

Authorities in New York have arrested a member of the group known as 764, charging him with possession of child sexual abuse material (CSAM). This arrest is part of a broader crackdown on the violent extremist collective, which has seen multiple members detained over the past year. The increased law enforcement activity aims to disrupt the group's operations and reduce the risks associated with its activities. This incident not only highlights the ongoing efforts to combat online exploitation but also raises awareness about the dangers posed by extremist groups that may exploit vulnerable individuals. The implications extend beyond the arrests, as it signals a commitment to addressing child exploitation and extremist violence.

Feb 5, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Security Affairs

Italy's Foreign Minister Antonio Tajani announced that the country successfully thwarted a series of cyberattacks linked to a pro-Russian group known as Noname057(16). These attacks targeted various entities, including the Foreign Ministry offices, with one affecting operations in Washington, D.C. Additionally, the group aimed at disrupting websites and hotels associated with the upcoming Milano Cortina 2026 Winter Olympics. This incident highlights ongoing cybersecurity concerns related to geopolitical tensions, particularly as major international events approach. The Italian government’s proactive measures demonstrate the importance of safeguarding critical infrastructure and national security against external threats.

Feb 5, 2026

Romanian oil pipeline operator Conpet discloses cyberattack

BleepingComputer

Conpet, Romania's national oil pipeline operator, reported a cyberattack on Tuesday that disrupted its business operations and took down its website. The attack affected the company’s ability to manage its systems effectively, although details on the type of attack or the perpetrators have not been disclosed. This incident raises concerns about the security of critical infrastructure, particularly in the energy sector, where such attacks can have significant implications for supply chains and national security. As authorities investigate, it’s crucial for companies in similar sectors to review their cybersecurity measures to prevent similar disruptions in the future.

Feb 5, 2026