Maximum severity hard-coded credential vulnerability exploited by China-nexus APT since mid-2024

Weekly insights on threats, vulnerabilities, and security best practices.

Dell RecoverPoint VM vulnerability CVE-2026-22769 (CVSS 10.0) exploited by Chinese APT UNC6201 since mid-2024 through hard-coded credentials, enabling complete infrastructure compromise.

UNC6201 threat actors exploited CVE-2026-22769, a CVSS 10.0 hard-coded credential vulnerability in Dell RecoverPoint for VMs, demonstrating sophisticated attack chains targeting enterprise backup infrastructure.

UNC6201 threat cluster exploited Dell RecoverPoint CVSS 10.0 zero-day since mid-2024, leveraging hard-coded credentials for initial access and lateral movement across enterprise environments.