ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cybersecurity

UAT-7810 refines LONGLEASH to expand ORB network via compromised networking devices

Source headline: China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 1 week ago

Intelligence Summary

Cisco Talos reports that a China-linked actor tracked as UAT-7810 is enhancing the LONGLEASH malware. The activity focuses on expanding an ORB (Operational Relay Box) network by compromising internet-facing networking devices. This actor maintains and grows LapDogs, an ORB infrastructure that surfaced in mid-2025. The campaign matters because compromised edge devices can become persistent footholds for further intrusion. Network operators should review exposure of management interfaces and watch for LONGLEASH/LapDogs-related indicators.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#apt #longleash #orb #lapdogs #networking-devices
Original reporting The Hacker News China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware
Open original source