U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

China – Authorities arrested 10 members of the Wooyun ethical hacking group

The Chinese authorities have arrested 10 members of the popular Wooyun ethical hacking community, including the founder Fang Xaiodun. Chinese authorities have arrested popular white hats operating in the country, including the founder of one of the larger online ethical hacker community. The reason behind the arrest is still a mystery, the news was reported […]

China – Authorities arrested 10 members of the Wooyun ethical hacking group

The Chinese authorities have arrested 10 members of the popular Wooyun ethical hacking community, including the founder Fang Xaiodun.

Chinese authorities have arrested popular white hats operating in the country, including the founder of one of the larger online ethical hacker community. The reason behind the arrest is still a mystery, the news was reported first by the Chinese website Caixinwang and spread by the Hong Kong Free Press (HKFP).

Fang Xaiodun founder Wooyun

The young hacker, Fang Xaiodun, is the founder of the Wooyun community, he was arrested with other ten senior members of the group on July 22, a couple of weeks after the group held its annual convention in Beijing. The convention is considered one of the most interesting in the country and attracted that captured the interest of high-profile organizations.

“Around ten senior members of Wooyun – including Fang – were taken away by police without specific charges being made a week ago, according to a source cited by Caixinwang.” reported the Hong Kong Free Press.

“Everything happened very abruptly, even members within Wooyun were kept in the dark,” said the source. “People from Wooyun said there was no administrative procedures nor prior notice for the arrest,” the source added.”

Fang founded the hacking community in 2010, previously he was the head of security at Chinese search engine Baidu.

The Wooyun was known for its bug hunting activity, as similar groups worldwide its members only disclosed vulnerabilities if they were unable to receive a satisfactory answer from the vulnerable system operators.

Xaiodun is literally disappeared since July 18, he hasn’t posted any content to his WeChat account, and the official website of the Wooyun group has been suspended since July 20.

The Hong Kong Free Press speculates that the Wooyun group has shut down the website as a precaution fearing possible repercussions.

At the time I was writing there is no official statement of the case, experts speculate the members of the Wooyun group may have targeted a government entity for testing purpose, causing the reaction of the authorities.

“Multiple theories regarding the arrest have surfaced in the community. Some speculate that Wooyun was involved in legal issues after publicising certain websites’ system loopholes shortly before they were hacked by a third-party. Others suspect that Wooyun members were involved in testing the vulnerabilities of government networks without authorisation.”

The Internet Society of China’s legal consultant Zhao Zhanling told HKFP the Wooyun site was used only as the disclosure platform.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Wooyun group,  Hacking)