All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Chinese State-Sponsored 'Operation Dragon Weave' Spear-Phishing Campaign Targets Czech and Taiwanese Organizations

By

Alexander Culafi

10d ago· 6 min readenNews
Bagel score 100 of 100
100/100
Golden Brown
Bagelometer

Hot, fresh, and worth queueing round the block for.

Score100TypenewsSentimentnegative

Summary

Chinese nation-state threat actors are conducting a spear-phishing campaign called "Operation Dragon Weave" targeting organizations in the Czech Republic and Taiwan. The campaign uses a dual-method approach involving email attachments with zip files that deploy the Azureveil malware for data exfiltration. The primary targets are in government, public sector, research, academia, technology, software, and financial services verticals. The research was published by security vendor Seqrite.

Key quotes

· 3 pulled
Chinese nation-state threat actors are targeting specific organizations in the Czech Republic and Taiwan for data exfiltration
"Operation Dragon Weave," a spear-phishing campaign that starts with sending email to a target with an attached zip file and instructions to open it
The campaign focuses on well-defined verticals: government and the public sector; research and academia; technology and software; and financial services
Snippet from the RSS feed
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.

You might also wanna read

Early Exploitation of React2Shell Vulnerability (CVE-2025-55182) Targets Critical Infrastructure

The article details early exploitation activity following the public disclosure of the critical React2Shell vulnerability (CVE-2025-55182).

blog.cloudflare.com·6mo ago

Sophisticated Phishing Campaign Targets SendGrid Users with Political-Themed Emails

The article describes a sophisticated phishing campaign targeting SendGrid users that exploits American political tensions. Hackers send ema

fredbenenson.com·5mo ago

FBI official says China's Salt Typhoon espionage campaign likely compromised data of nearly every American

An FBI cyber official stated that China's Salt Typhoon espionage campaign has likely stolen information from nearly every American through y

theregister.com·9mo ago

Kimsuky Leak Exposes North Korea's Credential Theft Operations and Chinese Infrastructure Links

A rare breach attributed to a North Korean-affiliated actor known as "Kim" has exposed detailed insights into Kimsuky (APT43) operations. Th

dti.domaintools.com·9mo ago

Israeli Surveillance Firm Paragon Solutions Exposes Its Own Spyware Dashboard on LinkedIn

Israeli surveillance company Paragon Solutions accidentally exposed its spyware dashboard on LinkedIn, revealing the operational interface u

ahmedeldin.substack.com·3mo ago

Analysis of First Reported AI-Orchestrated Cyber Espionage Campaign Detected in 2025

The article describes the discovery and analysis of the first reported AI-orchestrated cyber espionage campaign detected in mid-September 20

anthropic.com·7mo ago