Security

Chinese Spies Sell Access into Top US, UK Networks (theregister.com)

An anonymous reader shared this report from The Register: Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised U.S. defense organizations, UK government agencies, and hundreds of other entities, according to Mandiant.

The Google-owned threat hunters said they assess, "with moderate confidence," that a crew they track as UNC5174 was behind the exploitation of CVE-2023-46747, a 9.8-out-of-10-CVSS-rated remote code execution bug in the F5 BIG-IP Traffic Management User Interface, and CVE-2024-1709, a path traversal flaw in ConnectWise ScreenConnect that scored a perfect 10 out of 10 CVSS severity rating.

UNC5174 uses the online persona Uteus, and has bragged about its links to China's Ministry of State Security (MSS) — boasts that may well be true. The gang focuses on gaining initial access into victim organizations and then reselling access to valuable targets... Just last month, Mandiant noticed the same combination of tools, believed to be unique to this particular Chinese gang, being used to exploit the ConnectWise flaw and compromise "hundreds" of entities, mostly in the U.S. and Canada. Also between October 2023 and February 2024, UNC5174 exploited CVE-2023-22518 in Atlassian Confluence, CVE-2022-0185 in Linux kernels, and CVE-2022-3052, a Zyxel Firewall OS command injection vulnerability, according to Mandiant.

These campaigns included "extensive reconnaissance, web application fuzzing, and aggressive scanning for vulnerabilities on internet-facing systems belonging to prominent universities in the U.S., Oceania, and Hong Kong regions," the threat intel team noted.

More details from The Record. "One of the strangest things the researchers found was that UNC5174 would create backdoors into compromised systems and then patch the vulnerability they used to break in. Mandiant said it believes this was an 'attempt to limit subsequent exploitation of the system by additional unrelated threat actors attempting to access the appliance.'"
Games

Video Game Voice Actors May Strike Over AI (morningstar.com)

"Hollywood is bracing for another actors strike, this time against the videogame industry," according to MarketWatch: "We're currently in bargaining with all the major game studios, and the major sticking point is AI," SAG-AFTRA National Executive Director Duncan Crabtree-Ireland said Thursday. "Actors at all levels are at risk of digital replication. We have strike authorization on that contract and it is, at this point — we could end up going on strike...."

The union, which navigated its way to a new film and TV contract after a 118-day strike against the Hollywood studios last year, is again focusing on regulating artificial intelligence and its impact on wages and jobs. "It will be a recurring issue with each successive contract" every three years, Crabtree-Ireland said.

Some studios are already using AI-generated voices to save money, the article points out. "Actors and actresses should be very much afraid," Chris Mattmann, an adjunct research professor at the University of Southern California's Computer Science Department, says in the article. "Within three seconds, gen AI can effectively clone a voice."

The strike could affect Microsoft's Activision Publishing and Disney, as well as other major game publishers including Electronic Arts, Epic Games, and Warner Bros.
