China-Linked APT Breaches Critical Infrastructure via Sitecore Zero-Day

White Label b0d21ac4 66

In early 2026, cybersecurity researchers uncovered a sophisticated attack campaign where a China-linked Advanced Persistent Threat (APT) group, tracked as UNC4034, successfully exploited a previously unknown zero-day vulnerability in the Sitecore Experience Platform (XP). This critical vulnerability (CVE-2026-XXXXX) allowed the threat actors to gain initial access to target networks and deploy a stealthy backdoor called WEBC2. The campaign primarily focused on organizations in Australia and Southeast Asia, aiming for espionage and long-term access.