> TritonInfoSec News
Home / Jun 17, 2026 / Story
0
#4 The Hacker News general June 15, 2026 at 19:44 UTC

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

By [email protected] (The Hacker News)

AI Summary

Google's Threat Intelligence Group exposed UNC6508, a China-linked espionage actor that remained undetected inside North American medical, academic, and military research networks for over a year beginning in early 2025. Attackers compromised REDCap research servers to steal credentials, then abused victims' own Google Workspace email rules to silently exfiltrate sensitive research and defense communications.

Read full article → https://thehackernews.com/2026/06/chinese-hackers-…

Relevance score: 84.0/100

# More from June 17

  1. 1
    Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week The Hacker News
  2. 2
    China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth The Hacker News
  3. 3
    Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw The Hacker News
  4. 5
    One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes The Hacker News
  5. 6
    Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages SecurityWeek
  6. 7
    CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation The Hacker News
  7. 8
    Ransomware gang abuses Microsoft Teams relays to hide malicious traffic BleepingComputer
  8. 9
    Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware The Hacker News
  9. 10
    OptinMonster WordPress plugin hacked in CDN supply-chain attack BleepingComputer