← Back to Cybersecurity | ← All Articles
Cybersecurity

Hackers Linked to China Target Universities Using Email Software Flaws

Thursday, July 9, 2026 DrakX Intelligence · Analyzed & Published Thursday, July 9, 2026
Suspected China-aligned hackers are exploiting security flaws in Roundcube email software to break into university systems and steal research information. The same groups are also using fake tax software to spread malware to other targets.
⚡ HIGH CONVERGENCE
4 pillars detected
CybersecurityBig Tech & MarketsTech Stocks & SemiconductorsGeopolitics & Global Events

Hackers with suspected ties to China are attacking universities by exploiting weaknesses in Roundcube, a popular email software. Security researchers discovered that these attackers are using the flaws to access university computer systems and spy on academic researchers and their work.

Roundcube is email software that many organizations use to let people check their emails through a web browser. When software has security flaws, hackers can exploit those weak spots to sneak into systems they shouldn't access. In this case, the attackers are targeting universities specifically, likely to steal research information and intellectual property from academic institutions.

The suspected China-aligned hackers are also using another method to attack different targets. Security researchers found that these same groups are creating fake versions of Indian tax filing software. When people download what they think is legitimate tax software, they actually get infected with malware called DcRAT instead. DcRAT is a dangerous tool that gives hackers remote access to computers, allowing them to steal files, monitor activity, and control the infected systems.

This dual-attack approach shows that the hackers are casting a wide net. While one group focuses on universities and researchers through email vulnerabilities, they're also targeting regular people and organizations in other countries through fake software downloads. The Indian tax software scam is particularly concerning because people naturally trust official-looking tax preparation tools, making them more likely to install the malicious software.

Cybersecurity experts are urging organizations to take action. Universities and other institutions using Roundcube should update their software immediately to patch the security flaws. People should also be careful about downloading software and should only get programs from official websites or trusted app stores. It's important to verify that downloads are legitimate before installing anything on computers.

These attacks highlight ongoing cybersecurity threats from state-sponsored or state-aligned groups. Universities are attractive targets because they conduct valuable research in science, technology, and other fields. Stealing this research before it's published can give competitors and other countries advantages in innovation and development.

The discovery of these attacks serves as a reminder that cybersecurity is everyone's responsibility. Whether you're a university protecting research or an individual downloading software, staying alert and keeping systems updated are crucial defenses against hackers.


hackers roundcube universities malware dcrat cybersecurity data-theft
// INTELLIGENCE SOURCES
undefined·undefined·undefined
RELATED INTELLIGENCE
Cybersecurity
China-Linked Hackers Exploit Software Flaws to Target Universities
Cybersecurity
Multiple Critical Software Vulnerabilities Actively Exploited, CISA Issues Urgent Patches
Cybersecurity
Multiple Software Vulnerabilities Under Active Attack, CISA Orders Urgent Patching