Cisco Talos reports that the China-nexus threat actor UAT-7810 is exploiting known vulnerabilities in unpatched Ruckus and ASUS routers to deploy custom malware, including upgraded LONGLEASH and DOGLEASH backdoors. These exploits are used to build Operational Relay Box (ORB) networks, enabling other APT groups to launch attacks while masking their origins.
| Vendor | Product | Versions |
|---|---|---|
| ruckus and asus | routers | — |