← Back to Cybersecurity | ← All Articles
Cybersecurity

China-Linked Hackers Exploit Software Flaws to Target Universities

Thursday, July 9, 2026 DrakX Intelligence · Analyzed & Published Thursday, July 9, 2026
Hackers believed to be connected to China are using flaws in Roundcube email software to break into university systems and spy on academic researchers. The same group is also using fake tax software to distribute malware and gain access to other targets.
⬡ 2 pillars detected
CybersecurityGeopolitics & Global Events

Cybersecurity experts have discovered that hackers linked to China are exploiting security weaknesses in Roundcube, a popular email software used by many universities worldwide. These attacks are designed to spy on academic researchers and steal their information.

Roundcube is an email program that universities and organizations use to help people check their email through a web browser. When software has security problems, called vulnerabilities or flaws, hackers can find ways to break in and cause damage. The attackers are taking advantage of these weaknesses in Roundcube to gain unauthorized access to university email systems.

Once inside university systems, the hackers can read emails, access research information, and monitor what academic researchers are doing. Universities are important targets because researchers work on valuable projects and discoveries that could be worth a lot of money or give countries advantages in science and technology.

Security researchers have found that this same group of hackers is using another tactic as well. They are creating fake versions of an Indian tax filing utility, which is software that people in India use to file their taxes. When unsuspecting people download what they think is the real tax software, they actually get malware installed on their computers instead. Malware is harmful software that gives hackers control over a person's device.

The fake tax software is being used to distribute something called DcRAT, which is a tool that lets hackers take remote control of computers. Once DcRAT is installed, attackers can see everything happening on a person's screen, access files, and use the computer to attack other systems or steal more information.

These attacks show how hackers are using multiple methods to break into important systems and steal valuable information. By exploiting software flaws and creating fake tools that people trust, the attackers can gain access to sensitive academic research and other important data.

Universities and organizations are being urged to update their software immediately when security patches become available. Software patches are fixes that creators release to close security holes. People should also be careful about downloading software and make sure they are getting it from official, trusted sources rather than from unknown websites or links.

This discovery highlights how important it is for all organizations to stay alert about cybersecurity threats and keep their systems protected against hackers who are constantly finding new ways to break in and steal information.


hacking malware universities roundcube cyber-threats dcrat
// INTELLIGENCE SOURCES
undefined·undefined·undefined
RELATED INTELLIGENCE
Cybersecurity
Hackers Linked to China Target Universities Using Email Software Flaws
Cybersecurity
Multiple Critical Software Vulnerabilities Actively Exploited, CISA Issues Urgent Patches
Cybersecurity
Multiple Software Vulnerabilities Under Active Attack, CISA Orders Urgent Patching