APTs

A sophisticated cyberespionage campaign linked to Chinese state-sponsored actors has exploited a previously patched Check Point VPN vulnerability (CVE-2024-24919) to infiltrate organizations across Europe, Africa, and the Americas, according to cybersecurity researchers.

The attacks, observed between June 2024 and January 2025, primarily targeted the manufacturing sector, deploying ShadowPad malware and, in limited cases, the NailaoLocker ransomware.

Belgium’s State Security Service (VSSE) has suffered what is being described as its most severe security breach to date.

For nearly two years, a group of Chinese hackers exploited a vulnerability in Barracuda’s Email Security Gateway Appliance, a cybersecurity tool used by the VSSE, to access approximately 10% of the agency’s email traffic.

The breach, which also impacted the Belgian Pipeline Organisation (BPO), was first revealed in 2023 by Knack and Datanews, but its full extent has only now come to light.