APT27 is a threat actor attributed to CN, also known as GreedyTaotie, TG-3390, EMISSARY PANDA. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does APT27 exploit?

APT27 is known to exploit 12 CVEs. View the full list on the Strobes VI threat actor profile page.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

APT27

Also known as: GreedyTaotie, TG-3390, EMISSARY PANDA, TEMP.Hippo, Red Phoenix, Budworm, Group 35, ZipToken, Iron Tiger, BRONZE UNION, Lucky Mouse, G0027, Iron Taurus, Earth Smilodon, Circle Typhoon, Linen Typhoon, Emissary Panda, APT27, LuckyMouse, IODINE, Hippo, BOWSER, Wekby2, UNC215

CNCyber Espionage

Exploited CVEs

Overview

A China-based actor that targets foreign embassies to collect data on government, defence, and technology sectors.

Exploited Vulnerabilities

CVE ID	Action
CVE-2019-3610	View Details