5 min read
China-linked snoops have been exploiting Dell 0-day since mid-2024, using 'ghost NICs' to avoid detection
China-linked hackers exploited a Dell RecoverPoint zero-day (CVE-2026-22769) since mid-2024 to deploy malware like Grimbolt for long-term access. Dell patched the flaw and warns of active exploitation.