China Hacks Gone Wild: Cyber Chaos, Zero-Days, and White House Fury episode artwork

EPISODE · Jul 28, 2025 · 5 MIN

China Hacks Gone Wild: Cyber Chaos, Zero-Days, and White House Fury

from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with another high-voltage episode of Digital Dragon Watch: Weekly China Cyber Alert. No long wind-up – let’s boot into the breach. The headline this week is all about the chaos unleashed by Chinese state-backed hackers flexing their muscle with new attack vectors, and US cyber-defense playing cat-and-mouse. Top of the incident chart: Microsoft sounded the alarm about an ongoing onslaught exploiting unpatched SharePoint server flaws. In this fresh wave, veteran Chinese threat groups like Linen Typhoon and Violet Typhoon, plus the notorious Storm-2603, have been digging into government, defense, finance, health, and media organizations across the US, Europe, and East Asia. According to Microsoft, these actors are persistent – even after patches, they're able to pilfer cryptographic keys, impersonating users long after you think you’ve kicked them out. Cyber firm Eye Security counted over 400 compromised systems, with the advisory ringing especially loud for those running on-prem SharePoint. The origin of this mess? Shout out to Viettel Cyber Security, whose discovery at Pwn2Own Berlin back in May started the patch race – but the fix Microsoft dropped on July 8 wasn’t enough. Only last week did they finally squish the bug completely, so if you haven’t patched again, you might already be hosting uninvited guests. It doesn’t end there. Sygnia revealed a campaign by the China-tied Fire Ant group targeting VMware ESXi and F5 systems. This crew’s advanced: they use host-to-guest commands, lateral movement, even Medusa rootkits, tunneling through network barriers that defenders thought were air-tight. The target list includes: large enterprise, government, and critical infrastructure. For anyone running segmented networks with virtualized platforms, take note: Fire Ant maintained footholds by adapting in real time, swapping up tactics and leaving stealth backdoors wherever they went. Let’s zoom out. The sector hit hardest has been government – US agencies, National Guard units, and critical infrastructure from energy to telecoms. These hacks are part of larger campaigns like Salt Typhoon and Volt Typhoon, marking an escalation well beyond old-school economic espionage into campaigns that, as former UK NCSC chief Ciaran Martin puts it, run “everything, everywhere, all at once.” US military networks have now been told to assume breach and operate under a zero-trust mindset, according to recent advisories dragged out of the Department of Defense. US response? The White House is on the offensive with the new AI Action Plan. This strategy, announced July 23, ramps up trade controls on advanced AI hardware and semiconductors, doubling down on export restrictions to prevent so-called countries of concern (yes, China makes the list) from acquiring sensitive tech. Expect tighter end-use monitoring and new controls on components not previously covered – the Department This content was created in partnership and with the help of Artificial Intelligence AI.

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with another high-voltage episode of Digital Dragon Watch: Weekly China Cyber Alert. No long wind-up – let’s boot into the breach. The headline this week is all about the chaos unleashed by Chinese state-backed hackers flexing their muscle with new attack vectors, and US cyber-defense playing cat-and-mouse. Top of the incident chart: Microsoft sounded the alarm about an ongoing onslaught exploiting unpatched SharePoint server flaws. In this fresh wave, veteran Chinese threat groups like Linen Typhoon and Violet Typhoon, plus the notorious Storm-2603, have been digging into government, defense, finance, health, and media organizations across the US, Europe, and East Asia. According to Microsoft, these actors are persistent – even after patches, they're able to pilfer cryptographic keys, impersonating users long after you think you’ve kicked them out. Cyber firm Eye Security counted over 400 compromised systems, with the advisory ringing especially loud for those running on-prem SharePoint. The origin of this mess? Shout out to Viettel Cyber Security, whose discovery at Pwn2Own Berlin back in May started the patch race – but the fix Microsoft dropped on July 8 wasn’t enough. Only last week did they finally squish the bug completely, so if you haven’t patched again, you might already be hosting uninvited guests. It doesn’t end there. Sygnia revealed a campaign by the China-tied Fire Ant group targeting VMware ESXi and F5 systems. This crew’s advanced: they use host-to-guest commands, lateral movement, even Medusa rootkits, tunneling through network barriers that defenders thought were air-tight. The target list includes: large enterprise, government, and critical infrastructure. For anyone running segmented networks with virtualized platforms, take note: Fire Ant maintained footholds by adapting in real time, swapping up tactics and leaving stealth backdoors wherever they went. Let’s zoom out. The sector hit hardest has been government – US agencies, National Guard units, and critical infrastructure from energy to telecoms. These hacks are part of larger campaigns like Salt Typhoon and Volt Typhoon, marking an escalation well beyond old-school economic espionage into campaigns that, as former UK NCSC chief Ciaran Martin puts it, run “everything, everywhere, all at once.” US military networks have now been told to assume breach and operate under a zero-trust mindset, according to recent advisories dragged out of the Department of Defense. US response? The White House is on the offensive with the new AI Action Plan. This strategy, announced July 23, ramps up trade controls on advanced AI hardware and semiconductors, doubling down on export restrictions to prevent so-called countries of concern (yes, China makes the list) from acquiring sensitive tech. Expect tighter end-use monitoring and new controls on components not previously covered – the Department This content was created in partnership and with the help of Artificial Intelligence AI.

NOW PLAYING

China Hacks Gone Wild: Cyber Chaos, Zero-Days, and White House Fury

0:00 5:01

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Digital Dragon Watch: Weekly China Cyber Alert?

This episode is 5 minutes long.

When was this Digital Dragon Watch: Weekly China Cyber Alert episode published?

This episode was published on July 28, 2025.

What is this episode about?

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with another high-voltage episode of Digital Dragon Watch: Weekly China Cyber Alert. No long wind-up – let’s boot into the breach. The headline this week...

Can I download this Digital Dragon Watch: Weekly China Cyber Alert episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!