China-Backed Hackers Share Logins in Spyware Alliance
China-backed hackers share logins through a newly uncovered program dubbed “Premier Pass-as-a-Service,” according to a report from Trend Research. The report highlights a surge in coordination among China-aligned advanced persistent threat (APT) groups, marking a significant evolution in global cyberespionage tactics. These groups are now exchanging credentials and network access, enabling wider infiltration across targeted organizations worldwide.
The research outlines a systematic approach where China-backed hackers share logins across multiple APT actors, allowing them to leverage previously compromised systems. This collaboration has intensified attacks and made attribution more difficult for defenders. The report also links the activity to six known vulnerabilities, including CVE-2025-62526 and CVE-2024-21887, which have been exploited to gain initial access.
Trend Research warns that this model could signal a long-term shift in APT operations. For a detailed breakdown of the attack methods and vulnerabilities involved, read the full report here: