VulnHub

Real-time Cybersecurity News

EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations

SecurityWeek

Overview

The European Union has imposed sanctions on two Chinese individuals, two Chinese companies, and one Iranian firm for their involvement in hacking operations targeting EU member states. This action reflects ongoing concerns about cyber threats linked to state-sponsored actors and their impact on national security and digital infrastructure. The sanctioned entities are believed to have contributed to cyber activities that undermine the stability and security of EU countries. By taking these measures, the EU aims to deter further malicious cyber operations and hold accountable those involved in such activities. This situation underscores the increasing vigilance by international bodies in combating cybercrime and protecting digital sovereignty.

Key Takeaways

  • Timeline: Newly disclosed

Original Article Summary

The sanctions target two Chinese individuals, two Chinese companies, and one Iranian firm involved in hacking EU member states. The post EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations appeared first on SecurityWeek.

Impact

Not specified

Exploitation Status

No active exploitation has been reported at this time. However, organizations should still apply patches promptly as proof-of-concept code may exist.

Timeline

Newly disclosed

Remediation

Not specified

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Read Original Article

Related Coverage

Ransomware gang exploits Cisco flaw in zero-day attacks since January

BleepingComputer

The Interlock ransomware gang has been actively exploiting a serious remote code execution vulnerability in Cisco's Secure Firewall Management Center (FMC) software since late January. This flaw, classified as having maximum severity, allows attackers to execute arbitrary code on affected systems, putting organizations at significant risk. Companies using this software should be particularly vigilant, as the vulnerability is being exploited in ongoing attacks. Cisco has not yet released a patch to address this issue, which raises concerns about the potential for widespread impact. Organizations relying on Cisco FMC should prioritize security measures and closely monitor any unusual activity to safeguard their networks.

Mar 18, 2026

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

The Hacker News

Amazon Threat Intelligence has issued a warning regarding an active ransomware campaign known as Interlock, which is exploiting a significant vulnerability in Cisco's Secure Firewall Management Center (FMC) Software. This vulnerability, identified as CVE-2026-20131, has a maximum severity score of 10.0 and stems from an insecure deserialization of user-supplied Java byte streams. This flaw could allow attackers to gain root access without authentication, posing a serious risk to organizations using affected Cisco products. The exploitation of this vulnerability is concerning as it enables unauthorized access, potentially leading to data breaches and system compromises. Companies using Cisco FMC Software must take immediate action to protect their systems from this ongoing threat.

Mar 18, 2026

New Ubuntu Flaw Enables Local Attackers to Gain Root Access

Infosecurity Magazine

A new vulnerability identified as CVE-2026-3888 has been discovered in Ubuntu's snap package management system, allowing local users to escalate their privileges to root access through a timing-based exploit. This flaw poses a significant risk particularly for multi-user environments, as any local user could potentially gain complete control over the affected system. Ubuntu has not specified which versions are impacted, but users running the snap package system should be aware of this vulnerability. The implications of this flaw are serious, as it could enable attackers to manipulate system settings, install malicious software, or access sensitive information. Users are advised to monitor for updates from Ubuntu and apply patches as they become available.

Mar 18, 2026

Marquis: Ransomware gang stole data of 672K people in cyberattack

BleepingComputer

Marquis, a financial services provider based in Texas, recently reported that a ransomware attack in August 2025 compromised the personal data of over 672,000 individuals. The breach also had significant operational impacts, affecting 74 banks across the United States. The stolen data may include sensitive information, raising concerns about identity theft and privacy for those affected. This incident highlights the vulnerabilities in the financial sector and the ongoing threat posed by ransomware groups. Organizations in this space need to enhance their cybersecurity measures to protect both their operations and customer data.

Mar 18, 2026

Crypto Scam "ShieldGuard" Dismantled After Malware Discovery

Infosecurity Magazine

A malicious Chrome extension called ShieldGuard was discovered to be a crypto scam masquerading as a security tool. This extension primarily targeted users looking to protect their cryptocurrency wallets but instead siphoned off sensitive wallet information and drained user data. Researchers found that once installed, the extension would exploit its permissions to access and transfer funds from users' crypto wallets. This incident affects anyone who installed the ShieldGuard extension, highlighting the ongoing risks of using unverified browser extensions in the cryptocurrency space. Users are urged to be cautious and only download extensions from reputable sources to safeguard their assets.

Mar 18, 2026

New “Darksword” iOS exploit used in infostealer attack on iPhones

BleepingComputer

A new exploit kit called 'Darksword' is being used to target iPhones, particularly affecting users of cryptocurrency wallet applications. This exploit allows attackers to steal various personal information from compromised devices. The existence of Darksword raises significant concerns, especially for those who handle sensitive financial data on their mobile devices. As users increasingly rely on their phones for managing cryptocurrencies, the risk of falling victim to such attacks is growing. It’s crucial for iPhone users to stay vigilant and ensure their devices are updated to protect against these vulnerabilities.

Mar 18, 2026