:

CHINESE HACKERS DEPLOY LONGLEASH MALWARE

SECURITY DESK1 MIN READ
TUE, JUL 7, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Chinese threat actors tracked as UAT-7810 are actively developing the LONGLEASH malware to expand their Operational Relay Box (ORB) network. The campaign primarily targets unpatched Ruckus routers and other internet-facing networking devices.

UAT-7810 operators are leveraging LONGLEASH to compromise networking infrastructure and establish relay nodes within their ORB network. The malware targets vulnerabilities in Ruckus routers, exploiting devices that lack security patches. Operational Relay Boxes serve as intermediary nodes for command-and-control communications and lateral movement across compromised networks. By expanding their ORB infrastructure, the threat actors increase their operational flexibility and resilience. Security researchers recommend organizations immediately patch Ruckus devices and segment network access to limit exposure. Administrators should audit internet-facing networking equipment for unauthorized access and monitor for suspicious relay traffic. The campaign reflects broader trends of state-sponsored actors targeting network infrastructure to establish persistent footholds within target organizations.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

JUST NOWAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

3H AGOIndustry Desk

Vancouver Police Department has implemented a discreet button on its website that instantly closes the page and clears browser history when clicked. The feature is designed to help domestic violence survivors quickly hide their browsing activity.

3H AGOIndustry Desk

Europe's digital identity wallet age verification system will only work on iOS and Android devices, excluding alternative mobile platforms. The technical specification has drawn criticism from privacy advocates and open-source developers.

8H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.