6/ This attack highlights the role that the open source community plays in supporting civil society. Their work is critical to ensuring access to tools that empower communities around the world.
5/ Google alerts and diligence on the part of the World Uyghur Congress staff prevented this attack from executing, but it highlights the ongoing threat of digital attacks against individuals, organizations, and the community as a whole.
4/ Tools like this are important to the community as they provide standardized support for the Uyghur language at a time when the Chinese government is trying to restrict its use.
3/ This attack attempted to deliver a hijacked version of a legitimate open-source tool developed to support writing in the Uyghur language.
The version of UyghurEdit++ on Github remains safe to use.
2/ In what is an all-to-common occurrence, attackers sent a spearphishing email to senior members of the World Uyghur Congress - a group working to to advance the human rights of Uyghurs in both Xinjiang and the diaspora.
New report out today from @citizenlab highlighting the ongoing digital transnational repression targeting the Uyghur diaspora. citizenlab.ca/2025/04/uygh...
In this episode of @cyberseccenter.bsky.social's Distilling Cyber Policy podcast, @pdxbek.bsky.social and @jsrailton.bsky.social discuss the Citizen Lab’s “Rivers of Phish” report, which exposed a phishing campaign targeting Russia’s perceived adversaries. www.buzzsprout.com/2216164/epis...
Two new reports out from @tibetaction.bsky.social
and @tibcert.bsky.social covering over two decades of digital espionage targeting the Tibetan Community in Exile.
