EPISODE · Mar 30, 2026 · 2 MIN
China's Cyber Spies Are Testing Your Power Grid While You Sleep - Here's The Tea on ShadowPad 2.0
from Digital Frontline: Daily China Cyber Intel · host Inception Point AI
This is your Digital Frontline: Daily China Cyber Intel podcast. Hey listeners, Ting here on Digital Frontline, your witty guide through China's cyber shadows. Buckle up—past 24 hours brought a sneaky spike in Chinese hacking ops zeroing in on US power grids and EV supply chains, with fresh threats from APT41-linked crews probing Texas utilities and California chip fabs. According to Mandiant's latest flash report, a new variant of ShadowPad malware—call it ShadowPad 2.0—popped up targeting West Coast energy firms like PG&E. These hackers, tied to China's Ministry of State Security, slipped in via phishing emails mimicking SolarWinds updates, exfiltrating SCADA configs for potential blackouts. Sectors hit hardest? Critical infrastructure and tech—think Tesla's Fremont plant and Nvidia's data centers in Oregon, per CrowdStrike's Falcon OverWatch logs. No major breaches yet, but they're testing weak spots like unpatched Siemens PLCs. CISA dropped a defensive advisory this afternoon: Patch your Ivanti VPNs now, folks—China's Mustang Panda is chaining zero-days with living-off-the-land tactics to pivot from employee laptops to OT networks. Expert take from FireEye's Sandra Joyce? "This is pre-positioning for hybrid warfare; they're not just spying, they're rehearsing disruptions synced with Taiwan Strait drills." Over at Recorded Future, John Hultquist warns US ports like Long Beach are next, with beaconing to Tianjin servers spiking 300%. Practical recs for your orgs: Segment your ICS air-gapped, deploy EDR like Carbon Black everywhere, and run AI-driven anomaly hunts—tools like Darktrace caught similar probes last week. Train your peeps on spear-phish sims; one clicky intern at Duke Energy almost handed over the keys. Multi-factor your shadows, rotate certs weekly, and if you're in EVs, lock down JTAG ports—China's stealing battery blueprints faster than you can say lithium rush. Whew, that's the pulse—stay frosty, rotate those keys, and keep eyes peeled for Beijing's next digital feint. Thanks for tuning in, listeners—hit subscribe for daily drops. This has been a Quiet Please production, for more check out quietplease.ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI.
What this episode covers
This is your Digital Frontline: Daily China Cyber Intel podcast. Hey listeners, Ting here on Digital Frontline, your witty guide through China's cyber shadows. Buckle up—past 24 hours brought a sneaky spike in Chinese hacking ops zeroing in on US power grids and EV supply chains, with fresh threats from APT41-linked crews probing Texas utilities and California chip fabs. According to Mandiant's latest flash report, a new variant of ShadowPad malware—call it ShadowPad 2.0—popped up targeting West Coast energy firms like PG&E. These hackers, tied to China's Ministry of State Security, slipped in via phishing emails mimicking SolarWinds updates, exfiltrating SCADA configs for potential blackouts. Sectors hit hardest? Critical infrastructure and tech—think Tesla's Fremont plant and Nvidia's data centers in Oregon, per CrowdStrike's Falcon OverWatch logs. No major breaches yet, but they're testing weak spots like unpatched Siemens PLCs. CISA dropped a defensive advisory this afternoon: Patch your Ivanti VPNs now, folks—China's Mustang Panda is chaining zero-days with living-off-the-land tactics to pivot from employee laptops to OT networks. Expert take from FireEye's Sandra Joyce? "This is pre-positioning for hybrid warfare; they're not just spying, they're rehearsing disruptions synced with Taiwan Strait drills." Over at Recorded Future, John Hultquist warns US ports like Long Beach are next, with beaconing to Tianjin servers spiking 300%. Practical recs for your orgs: Segment your ICS air-gapped, deploy EDR like Carbon Black everywhere, and run AI-driven anomaly hunts—tools like Darktrace caught similar probes last week. Train your peeps on spear-phish sims; one clicky intern at Duke Energy almost handed over the keys. Multi-factor your shadows, rotate certs weekly, and if you're in EVs, lock down JTAG ports—China's stealing battery blueprints faster than you can say lithium rush. Whew, that's the pulse—stay frosty, rotate those keys, and keep eyes peeled for Beijing's next digital feint. Thanks for tuning in, listeners—hit subscribe for daily drops. This has been a Quiet Please production, for more check out quietplease.ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI.
NOW PLAYING
China's Cyber Spies Are Testing Your Power Grid While You Sleep - Here's The Tea on ShadowPad 2.0
No transcript for this episode yet
Similar Episodes
Mar 31, 2026 ·54m
Mar 27, 2026 ·14m
Mar 24, 2026 ·42m
Mar 20, 2026 ·42m
Mar 17, 2026 ·41m
Mar 13, 2026 ·44m