Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Chinese hackers abuse geo-mapping tool for year-long persistence
Threat Actors
October 15, 2025
BleepingComputer
Chinese APT group Flax Typhoon exploited ArcGIS Server's Server Object Extension (SOE) to maintain undetected access in a target network for over a year. The attackers used valid admin credentials to deploy a malicious Java SOE.
Read More
Flax Typhoon
ArcGIS
Publisher
Previous
Capita Fined £14m After 2023 Breach that Hit 6.6 Millio ...
Incident Response, Learnings
Next
Known Exploited Vulnerabilities Catalog
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/public_image/infosecurity-magazinec5ebd668-f415-46ec-b524-ff7e3c0c1b96.jpg)
/https://cyware-ent.s3.amazonaws.com/public_image/cisadbc0b0da-ae7a-4548-b560-d0d0f19af34f.png)
