APT10
Coverage omission — Eastern
China-attributed threat group known for large-scale managed service provider compromises enabling downstream access to MSP customers globally. Also known for Operation Cloud Hopper. Active since at least 2009.
Attribution signal
?Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score.≥ 10 High≥ 3 Moderate< 3 Low1.1
Low signal strength
Mentions2
Sources0
High conf.0
Last seenJun 2026
First observed
2009
Last active
Active
Origin
China — attributed by US, UK, EU, Japanese governments to Chinese Ministry of State Security
Aliases
7
Techniques
0
Campaigns
4
China — attributed by US, UK, EU, Japanese governments to Chinese Ministry of State Securityconsensus confidence
TargetsManaged Service ProviderGovernmentDefenceTechnology
RegionsUsEuJpAuGlobal
Attribution signals
2 mentions · 0 sources#1are thought to bemoderate
Unspecified
xforce
Jun 2026
"Chinese state-sponsored group APT 10, also known as Stone Panda, are thought to be behind the attacks."
#2are suspected ofmoderate
Unspecified
xforce
Jun 2026
"The Chinese state-sponsored group APT 10, or Stone Panda, are suspected of the attacks on the biochemical companies."
Hedge terms observed
are suspected ofare thought to be