Chinese Hackers Target Governments and Journalists in Asia and Europe
Researchers uncover a China-linked cyber espionage campaign affecting governments, journalists, and activists in Asia and a NATO nation.

Chinese Hackers Target Governments and Journalists in Asia and Europe
Recent findings in the field of cybersecurity reveal a sophisticated espionage campaign orchestrated by a hacking group with links to China. The operation has targeted government entities and defense sectors in South, East, and Southeast Asia, as well as a European NATO member state. Detailed information comes from the cybersecurity firm Trend Micro, which has identified this activity under the temporary designation SHADOW-EARTH-053.
Scope and Objectives of the Espionage Campaign
The SHADOW-EARTH-053 campaign stands out for its broad geographic scope and the diversity of its targets. Beyond government and military agencies, the research indicates that journalists and activists have also been targeted, suggesting a multifaceted strategy to obtain sensitive information and exert influence.
The nature of the attacks points to a prolonged cyber espionage effort designed to infiltrate networks, exfiltrate data, and potentially maintain persistent access. While specific details regarding exploiting tactics and the type of information sought are still being declassified, the attribution to a China-aligned actor raises concerns within the international security community.
Implications and Cybersecurity Risks
These types of operations underscore the growing threat posed by state-sponsored actors in cyberspace. The ability of these groups to launch complex and targeted attacks highlights the need to strengthen digital defenses globally. The possibility that previously unknown or neglected vulnerabilities are used to achieve intrusion is a constant concern. In fact, we have seen how security flaws, such as a critical vulnerability in cPanel, can open the door to hacking risks and active attacks.
Furthermore, although the Trend Micro report does not explicitly mention the use of ransomware, the sophistication of these groups implies they could employ various malicious tools. CISA's warning about new critical vulnerabilities and the associated risk of ransomware serves as a constant reminder of evolving threats.
Conclusion: Strengthening Digital Defense
The SHADOW-EARTH-053 campaign is a clear indicator of the persistent threat of cyber espionage and information warfare. Protecting critical infrastructure, government data, and freedom of the press requires constant vigilance and continuous investment in cybersecurity. International collaboration and intelligence sharing are fundamental to effectively countering these malicious actors and mitigating the risk of future attacks.
Source: The Hacker News (https://thehackernews.com/2026/05/china-linked-hackers-target-asian.html)
Related articles
11 de julio de 2026
Condemna històrica: membre de la banda Ryuk ransomware admet la seva culpabilitat
Un ciutadà armeni es declara culpable als EUA pel desplegament de ransomware Ryuk, afrontant una possible sentència de 15 anys de presó.
11 de julio de 2026
Historic Conviction: Ryuk Ransomware Gang Member Admits Guilt
An Armenian national pleads guilty in the U.S. for deploying Ryuk ransomware and faces a potential 15-year prison sentence.
11 de julio de 2026
Condena histórica: miembro de la banda Ryuk ransomware admite su culpa
Un ciudadano armenio se declara culpable en EE. UU. por el despliegue de ransomware Ryuk, enfrentando una posible sentencia de 15 años de prisión.
10 de julio de 2026
Hackers exploten Microsoft Entra: Nova vulnerabilitat en passkeys
Un grup d'actors maliciosos utilitza enginyeria social per comprometre comptes de Microsoft 365 mitjançant falsos registres de passkeys a Entra.
Loading comments...