Google: Chinese state attackers going after Dell zero-day since mid-2024 | CyberScoop<\/title> <meta name=\"description\" content=\"Google researchers said Chinese attackers have been exploiting a zero-day since mid-2024, and they\u2019ve moved on to a more advanced version of Brickstorm malware called Grimbolt.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/china-brickstorm-grimbolt-dell-zero-day\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Chinese hackers exploited a Dell zero-day for 18 months before anyone noticed\"> <meta property=\"og:description\" content=\"Google researchers said Chinese attackers have been exploiting a zero-day since mid-2024, and they\u2019ve moved on to a more advanced version of Brickstorm malware called Grimbolt.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/china-brickstorm-grimbolt-dell-zero-day\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-02-18T00:32:44+00:00\"> <meta property=\"article:modified_time\" content=\"2026-02-18T00:32:46+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg\"> <meta property=\"og:image:width\" content=\"5122\"> <meta property=\"og:image:height\" content=\"3415\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1770142553g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1771335878g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1767808656g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/87807\"><meta name=\"generator\" content=\"WordPress 6.8.3\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=87807\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fchina-brickstorm-grimbolt-dell-zero-day%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fchina-brickstorm-grimbolt-dell-zero-day%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-87807 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/china-brickstorm-grimbolt-dell-zero-day\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.98\">\n<div class=\"single-article__header-content\" readability=\"35.602222222222\">\n<p> Google researchers said Chinese attackers have been exploiting a zero-day since mid-2024, and they\u2019ve moved on to a more advanced version of Brickstorm malware called Grimbolt. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/87807\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"427\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed.jpg?resize=640%2C427&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg 5122w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=2048,1365 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=1012,675 1012w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-2.jpg?resize=1264,843 1264w\" sizes=\"(max-width: 1012px) 100vw, 1012px\"> <\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"43.913789517471\"><body readability=\"92.234784700505\"><\/p>\n<p>Researchers uncovered more worrying details about a long-running cyber espionage campaign suspected to be backed by the Chinese government, exemplifying how such attacks often go undetected until they\u2019ve already caused significant damage.<\/p>\n<p>Google Threat Intelligence Group and Mandiant said the Chinese threat group UNC6201 has been <a href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/unc6201-exploiting-dell-recoverpoint-zero-day\">exploiting a zero-day vulnerability<\/a> in Dell RecoverPoint for Virtual Machines since at least mid-2024. The group overlaps with UNC5221, also known as Silk Typhoon, which has been burrowing into critical infrastructure and government agency networks undetected since at least 2022.<\/p>\n<p>The zero-day exploitation marks an escalation from this particular cluster of actors. State-sponsored attackers spent years implanting <a href=\"https:\/\/cyberscoop.com\/chinese-cyberespionage-campaign-brickstorm-mandiant-google\/\">Brickstorm malware<\/a> into networks before the campaign was finally detected last summer. By September, however, the attackers had replaced Brickstorm with Grimbolt, a more advanced malware that\u2019s harder to detect, Google security researchers said Tuesday.<\/p>\n<p>The zero-day vulnerability \u2014 <a href=\"https:\/\/www.dell.com\/support\/kbdoc\/en-us\/000426773\/dsa-2026-079\">CVE-2026-22769<\/a> \u2014 hinges on a hardcoded administrator password in Dell RecoverPoint for Virtual Machines that was pulled from Apache Tomcat. It carries a 10\/10 CVSS rating. The Chinese threat group has been using the hardcoded password, which triggers the vulnerability and allows unauthenticated remote attackers to gain full system access with root-level persistence for at least 18 months, Google said. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Dell Technologies disclosed and released a patch for the vulnerability Tuesday. A company spokesperson urged customers to follow guidance in its security advisory.<\/p>\n<p>\u201cWe are aware of less than a dozen impacted organizations, but because the full scale of this campaign is unknown we recommend that organizations previously targeted by Brickstorm look out for Grimbolt in their environments,\u201d Austin Larsen, principal analyst at GTIG, told CyberScoop.<\/p>\n<p>When the Cybersecurity and Infrastructure Security Agency unveiled new details about the campaign in December, Google said <a href=\"https:\/\/cyberscoop.com\/china-brickstorm-malware-cyber-espionage-campaign-cisa-dhs-alert\/\">dozens of U.S. organizations<\/a>, not including downstream victims, had already been impacted by Brickstorm. <\/p>\n<p>\u201cThe actor is likely still active in unpatched and remediated environments, and because exploitation has been occurring since mid-2024, they have had significant time to establish persistence and carry out long-term espionage,\u201d Larsen added.<\/p>\n<p>The campaign \u2014 one of many concurrent efforts by China state-sponsored groups to embed themselves into networks for long-term access, disruptions and potential sabotage \u2014 remains a top area of concern for national security.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>CISA, the National Security Agency and Canadian Centre for Cyber Security released <a href=\"https:\/\/www.cisa.gov\/news-events\/analysis-reports\/ar25-338a\">new analysis on Brickstorm<\/a> last week to share indicators and compromise that could help potential victims detect malicious activity on their networks.<\/p>\n<p>Yet, the China-linked groups involved in this campaign have already moved on to Grimbolt, in some cases replacing older Brickstorm binaries with the new backdoor that\u2019s more difficult to reverse engineer, according to Google.<\/p>\n<p>Marci McCarthy, director of public affairs at CISA, told CyberScoop the agency will share further information on Wednesday.<\/p>\n<p>Google\u2019s fresh research on the China state-sponsored campaign demonstrates how the threat group\u2019s tenacity, and ability to dwell undetected in networks longer than 400 days, keeps defenders and cyber authorities at a disadvantage.<\/p>\n<p>The threat groups typically target edge applications and devices running on systems without endpoint detection and response, but researchers don\u2019t know how attackers broke into the networks of the most recently discovered victims. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Researchers only have a narrow view of the threat groups\u2019 activities at large. <\/p>\n<p>\u201cWe suspect a significant portion of UNC5221 and UNC6201\u2019s activity likely remains unknown, and there is a strong probability that they are developing or using undiscovered zero-days and malware,\u201d Larsen said. \u201cThe most concerning aspect of this campaign is that additional organizations were likely compromised as part of this campaign and do not know it yet.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"2.8246153846154\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/china-brickstorm-grimbolt-dell-zero-day\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google: Chinese state attackers going after Dell zero-day since mid-2024<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[5957,3171,5075,271,452,5958,3729,5959,281,168,646,256,3838,288,3443,5960,5781,2281,1544,5292],"tags":[5961,3173,5078,277,454,5962,3731,5963,285,169,650,262,3840,294,3446,5964,5784,2283,1545,5296],"class_list":["post-8359","post","type-post","status-publish","format-standard","hentry","category-apache","category-backdoor","category-brickstorm","category-china","category-cybersecurity-and-infrastructure-security-agency-cisa","category-dell-technologies","category-google-threat-intelligence-group","category-grimbolt","category-hacking","category-malware","category-mandiant","category-research","category-silk-typhoon","category-threats","category-unc5221","category-unc6201","category-virtual-machines","category-vulnerability","category-zero-day","category-zero-day-exploit","tag-apache","tag-backdoor","tag-brickstorm","tag-china","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-dell-technologies","tag-google-threat-intelligence-group","tag-grimbolt","tag-hacking","tag-malware","tag-mandiant","tag-research","tag-silk-typhoon","tag-threats","tag-unc5221","tag-unc6201","tag-virtual-machines","tag-vulnerability","tag-zero-day","tag-zero-day-exploit"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/apache\/\" rel=\"category tag\">apache<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/backdoor\/\" rel=\"category tag\">backdoor<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/brickstorm\/\" rel=\"category tag\">Brickstorm<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/china\/\" rel=\"category tag\">China<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/dell-technologies\/\" rel=\"category tag\">dell technologies<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google-threat-intelligence-group\/\" rel=\"category tag\">Google Threat Intelligence Group<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/grimbolt\/\" rel=\"category tag\">Grimbolt<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/hacking\/\" rel=\"category tag\">hacking<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/malware\/\" rel=\"category tag\">Malware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/mandiant\/\" rel=\"category tag\">Mandiant<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/silk-typhoon\/\" rel=\"category tag\">Silk Typhoon<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/unc5221\/\" rel=\"category tag\">UNC5221<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/unc6201\/\" rel=\"category tag\">UNC6201<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/virtual-machines\/\" rel=\"category tag\">virtual machines<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability\/\" rel=\"category tag\">vulnerability<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-day\/\" rel=\"category tag\">Zero-day<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-day-exploit\/\" rel=\"category tag\">zero-day exploit<\/a>","tag_info":"zero-day exploit","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8359","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8359"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8359\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8359"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8359"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8359"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8359,"date":"2026-02-17T18:32:44","date_gmt":"2026-02-18T00:32:44","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=87807"},"modified":"2026-02-17T18:32:44","modified_gmt":"2026-02-18T00:32:44","slug":"chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/02\/17\/chinese-hackers-exploited-a-dell-zero-day-for-18-months-before-anyone-noticed\/","title":{"rendered":"Chinese hackers exploited a Dell zero-day for 18 months before anyone noticed"},"content":{"rendered":"