Recent findings by Cisco Talos reveal that the Chinese threat actor UAT-7810 is actively developing its custom malware, known as LONGLEASH, to extend its Operational Relay Box (ORB) network. This group has been associated with the maintenance and proliferation of LapDogs, an ORB network that emerged in June 2025. The sophistication of UAT-7810's tactics underscores a significant evolution in their operational capabilities, focusing on exploiting vulnerabilities in internet-facing networking devices to enhance their attack vectors.
For businesses, the implications of UAT-7810's activities are profound. Organizations must prioritize the security of their internet-facing devices, as vulnerabilities in these systems can serve as gateways for advanced persistent threats. Implementing robust security measures, including regular updates, vulnerability assessments, and intrusion detection systems, is essential to mitigate the risks posed by such APT groups. As cyber threats grow increasingly complex and targeted, understanding and addressing the tactics of groups like UAT-7810 becomes crucial for maintaining cybersecurity resilience.
---
*Originally reported by [The Hacker News](https://thehackernews.com/2026/07/china-linked-uat-7810-expands-orb.html)*