{"id":52347,"date":"2023-06-15T15:29:22","date_gmt":"2023-06-15T15:29:22","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34724\/Barracuda-Zero-Day-Attacks-Attributed-To-Chinese-Cyberespionage-Group.html"},"modified":"2023-06-15T15:29:22","modified_gmt":"2023-06-15T15:29:22","slug":"barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/","title":{"rendered":"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/05\/Barracuda-zero-day-1024x659.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p><strong>The recent attacks exploiting a zero-day vulnerability in a Barracuda Networks email security appliance have been attributed by Mandiant to a Chinese cyberespionage group.<\/strong>\n<\/p>\n<p>The attacks were discovered by Barracuda on May 18 and the company hired Mandiant to help investigate. Mandiant, which is now owned by Google Cloud, said multiple intelligence and government partners also assisted with the investigation.&nbsp;\n<\/p>\n<p>The cybersecurity firm has <a href=\"https:\/\/www.mandiant.com\/resources\/blog\/barracuda-esg-exploited-globally\" target=\"_blank\" rel=\"noreferrer noopener\">attributed the campaign<\/a> to a threat actor it has named UNC4841, which it believes \u2014 with high confidence \u2014 is a cyberespionage group operating on behalf of the Chinese government.&nbsp;\n<\/p>\n<p>Charles Carmakal, CTO of Mandiant Consulting, said in comments shared with <em>SecurityWeek<\/em> that this is the \u201cbroadest cyber espionage campaign known to be conducted by a China-nexus threat actor since the mass exploitation of Microsoft Exchange in early 2021\u201d, with the email security appliances of hundreds of organizations getting hit.&nbsp;\n<\/p>\n<p>The zero-day leveraged in the campaign, tracked as <a href=\"https:\/\/www.securityweek.com\/zero-day-vulnerability-exploited-to-hack-barracuda-email-security-gateway-appliances\/\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2023-2868<\/a>, impacts Barracuda Email Security Gateway (ESG), specifically a module designed for the initial screening of email attachments. Malicious actors can exploit the vulnerability for remote command injection by sending the targeted entity an email containing a specially crafted TAR file as an attachment.&nbsp;\n<\/p>\n<p>In the attacks observed by Mandiant, the hackers attached the exploit to poorly-written emails.\n<\/p>\n<p>\u201cMandiant assesses UNC4841 likely crafted the body and subject of the message to appear as generic spam in order to be flagged by spam filters or dissuade security analysts from performing a full investigation. Mandiant has observed this tactic utilized by advanced groups exploiting zero-day vulnerabilities in the past,\u201d Mandiant explained.<\/p>\n<div class=\"zox-post-ad-wrap\"><span class=\"zox-ad-label\">Advertisement. Scroll to continue reading.<\/span><\/div>\n<p><a href=\"https:\/\/www.securityweek.com\/barracuda-zero-day-exploited-to-deliver-malware-for-months-before-discovery\/\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2023-2868 has been exploited<\/a> since at least October 2022 to gain initial access to Barracuda appliances. The exploit allowed the cyberspies to execute a reverse shell, after which they downloaded custom backdoor malware to the device.\n<\/p>\n<p>Three primary custom backdoors have been identified: SeaSpy, SaltWater and SeaSide. These pieces of malware are designed for C&amp;C communications, downloading and executing files, executing commands, and providing proxying capabilities. The attackers also deployed a rootkit named SandBar that appears to hide the SeaSpy malware.&nbsp;\n<\/p>\n<p>In addition to these malware families, Mandiant has observed trojanized versions of several legitimate Barracuda LUA modules, which are designed to perform various actions when certain email-related events are detected on the appliance. These LUA modules have been named SeaSpray and SkipJack by Mandiant.&nbsp;\n<\/p>\n<p>A few weeks after the attack was detected, Barracuda urged customers to <a href=\"https:\/\/www.securityweek.com\/barracuda-urges-customers-to-replace-hacked-email-security-appliances\/\" target=\"_blank\" rel=\"noreferrer noopener\">immediately replace compromised appliances<\/a>, indicating that the patches it had deployed did not fully protect devices.&nbsp;\n<\/p>\n<p>Indeed, Mandiant noted that the attackers started modifying their malware and deploying additional persistence mechanisms in response to Barracuda\u2019s actions.\n<\/p>\n<p>\u201cBetween May 21, 2023, and May 22, 2023, shortly following Barracuda\u2019s initial&nbsp;remediation script deployment, UNC4841 quickly made modifications to both SeaSpy and SaltWater related components in order to prevent effective patching,\u201d Mandiant explained. \u201cBetween May 22, 2023 and May 24, 2023, UNC4841 conducted high frequency operations on a number of victims located in at least 16 different countries; modifying 7 components of SeaSpy and at least 2 components of SaltWater.\u201d\n<\/p>\n<p>UNC4841 was observed exfiltrating email-related data from victims, including European and Asian government officials in Southeast Asia, as well as high-profile academics in Hong Kong and Taiwan.&nbsp;\n<\/p>\n<p>Targets also included the Ministry of Foreign Affairs of the Association of Southeast Asian Nations (ASEAN), foreign trade offices, and academic research organizations.\n<\/p>\n<p>\u201cThe actors searched for email accounts belonging to individuals working for a government with political or strategic interest to the PRC at the same time that this victim government was participating in high-level, diplomatic meetings with other countries,\u201d Mandiant said.\n<\/p>\n<p>The company pointed out that more than a quarter of victims are government organizations.&nbsp;\n<\/p>\n<p>Mandiant said more than half of the impacted organizations are in the Americas, but that is not surprising considering that this is where the Barracuda appliance is mainly used. The remaining victims were split between the APAC and EMEA regions.&nbsp;\n<\/p>\n<p>In addition to the targeting of entities that present an interest to Beijing, there is some technical evidence linking the attacks to China, including the origin of some emails, the use of a specific mail client, and infrastructure and malware code overlaps previously tied to Chinese cyberspies.\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/many-13-new-mac-malware-families-discovered-2022-linked-china\/\">Many of 13 New Mac Malware Families Discovered in 2022 Linked to China<\/a>\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/us-probing-cybersecurity-risks-of-rockwell-automations-china-operations-report\/\">US Probing Cybersecurity Risks of Rockwell Automation\u2019s China Operations: Report<\/a>\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/spies-hackers-informants-how-china-snoops-on-the-us\/\">Spies, Hackers, Informants: How China Snoops on the US<\/a>\n<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34724\/Barracuda-Zero-Day-Attacks-Attributed-To-Chinese-Cyberespionage-Group.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":52348,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[9938],"class_list":["post-52347","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackerchinacyberwar"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-15T15:29:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/05\/Barracuda-zero-day-1024x659.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group\",\"datePublished\":\"2023-06-15T15:29:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/\"},\"wordCount\":748,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group.jpg\",\"keywords\":[\"headline,hacker,china,cyberwar\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/\",\"name\":\"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group.jpg\",\"datePublished\":\"2023-06-15T15:29:22+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group.jpg\",\"width\":1024,\"height\":659},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,china,cyberwar\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerchinacyberwar\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/","og_locale":"en_US","og_type":"article","og_title":"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-06-15T15:29:22+00:00","og_image":[{"url":"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/05\/Barracuda-zero-day-1024x659.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group","datePublished":"2023-06-15T15:29:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/"},"wordCount":748,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group.jpg","keywords":["headline,hacker,china,cyberwar"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/","url":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/","name":"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group.jpg","datePublished":"2023-06-15T15:29:22+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group.jpg","width":1024,"height":659},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,china,cyberwar","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerchinacyberwar\/"},{"@type":"ListItem","position":3,"name":"Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52347","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52347"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52347\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/52348"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52347"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52347"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52347"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}