A hacker, linked to China and known as UNC5174, has been exploiting Connectwise F5 software vulnerabilities targeting US defense and other high-value targets.

The cyberattacks are believed to be orchestrated by the Chinese Ministry of State Security and have affected hundreds of institutions in the US, Canada, Asia, and the UK.

UNC5174 exploits specific vulnerabilities, identified as CVE-2024-1709 and CVE-2023-46747, to gain unauthorized access to the targeted systems.

The hacking techniques involve creating administrative accounts, implanting malicious software, and moving laterally across the compromised networks.

The incidents underscore the necessity for organizations to implement stringent cybersecurity defenses to combat the risks posed by these software flaws.