China's Hacking Spree: Backdoors, Blind Spots, and Body Blows - Ting Dishes the Deets on Digital Dragon Watch episode artwork

EPISODE · Nov 3, 2025 · 4 MIN

China's Hacking Spree: Backdoors, Blind Spots, and Body Blows - Ting Dishes the Deets on Digital Dragon Watch

from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with your Digital Dragon Watch weekly China cyber alert. Let's dive straight into what's been heating up in the past seven days because trust me, it's been absolutely wild out there. So here's the thing that's got everyone's attention right now. According to the House Committee on Homeland Security, China-linked threat actors just pulled off something absolutely audacious in July. Three PRC-associated groups, Storm-2603, Linen Typhoon, and Violet Typhoon, compromised over four hundred organizations through Microsoft SharePoint, and we're talking about some serious targets here. The Department of Energy, the Department of Homeland Security, and the Department of Health and Human Services all got hit. This wasn't some random targeting either. These actors were basically doing a masterclass in supply chain infiltration. But here's where it gets even spicier. The U.S. National Security Agency director recently warned that China is actively hacking into American electrical infrastructure. We're not talking about probing or testing anymore. These guys are pre-positioning backdoors in power grid control systems. They're essentially laying groundwork that could let them disrupt or degrade services if things escalate, especially around Taiwan scenarios. Think of it like they're installing pressure valves that they could turn whenever they feel like it. Moving to this week specifically, the Chinese hacker group Bronze Butler just exploited a zero-day vulnerability in Lanscope Endpoint Manager from Motex. According to Sophos and Thailand's CERT, these attacks started in mid-2025, way before Motex even patched it on October twentieth. They deployed something called GoKC P Door malware to steal data. That's the kind of precision timing that shows these aren't amateur hour operations. Meanwhile, UNC5221, another China-linked threat actor cluster, straight up stole source code and internal vulnerability data from F5's BIG-IP development environment. They grabbed actual CVE information before patches even existed. It's like they're getting shopping lists of future vulnerabilities. The manufacturing sector's been taking absolute body blows. The Homeland Security Committee snapshot shows manufacturing experienced twenty-six percent of all cyberattacks this year, with finance and insurance at twenty-three percent. So far in twenty twenty-five, major cyberattacks on state and local governments have been recorded in at least forty-four U.S. states. What's particularly concerning is that Chinese cyber espionage efforts rose one hundred fifty percent in twenty twenty-four compared to the previous year according to CrowdStrike. Their targeted attacks on financial services, media, manufacturing, and industrial sectors jumped three hundred percent. That's not gradual escalation, that's a sprint. The real problem right now is that the federal government shutdown coupled wi This content was created in partnership and with the help of Artificial Intelligence AI.

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with your Digital Dragon Watch weekly China cyber alert. Let's dive straight into what's been heating up in the past seven days because trust me, it's been absolutely wild out there. So here's the thing that's got everyone's attention right now. According to the House Committee on Homeland Security, China-linked threat actors just pulled off something absolutely audacious in July. Three PRC-associated groups, Storm-2603, Linen Typhoon, and Violet Typhoon, compromised over four hundred organizations through Microsoft SharePoint, and we're talking about some serious targets here. The Department of Energy, the Department of Homeland Security, and the Department of Health and Human Services all got hit. This wasn't some random targeting either. These actors were basically doing a masterclass in supply chain infiltration. But here's where it gets even spicier. The U.S. National Security Agency director recently warned that China is actively hacking into American electrical infrastructure. We're not talking about probing or testing anymore. These guys are pre-positioning backdoors in power grid control systems. They're essentially laying groundwork that could let them disrupt or degrade services if things escalate, especially around Taiwan scenarios. Think of it like they're installing pressure valves that they could turn whenever they feel like it. Moving to this week specifically, the Chinese hacker group Bronze Butler just exploited a zero-day vulnerability in Lanscope Endpoint Manager from Motex. According to Sophos and Thailand's CERT, these attacks started in mid-2025, way before Motex even patched it on October twentieth. They deployed something called GoKC P Door malware to steal data. That's the kind of precision timing that shows these aren't amateur hour operations. Meanwhile, UNC5221, another China-linked threat actor cluster, straight up stole source code and internal vulnerability data from F5's BIG-IP development environment. They grabbed actual CVE information before patches even existed. It's like they're getting shopping lists of future vulnerabilities. The manufacturing sector's been taking absolute body blows. The Homeland Security Committee snapshot shows manufacturing experienced twenty-six percent of all cyberattacks this year, with finance and insurance at twenty-three percent. So far in twenty twenty-five, major cyberattacks on state and local governments have been recorded in at least forty-four U.S. states. What's particularly concerning is that Chinese cyber espionage efforts rose one hundred fifty percent in twenty twenty-four compared to the previous year according to CrowdStrike. Their targeted attacks on financial services, media, manufacturing, and industrial sectors jumped three hundred percent. That's not gradual escalation, that's a sprint. The real problem right now is that the federal government shutdown coupled wi This content was created in partnership and with the help of Artificial Intelligence AI.

NOW PLAYING

China's Hacking Spree: Backdoors, Blind Spots, and Body Blows - Ting Dishes the Deets on Digital Dragon Watch

0:00 4:01

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Digital Dragon Watch: Weekly China Cyber Alert?

This episode is 4 minutes long.

When was this Digital Dragon Watch: Weekly China Cyber Alert episode published?

This episode was published on November 3, 2025.

What is this episode about?

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with your Digital Dragon Watch weekly China cyber alert. Let's dive straight into what's been heating up in the past seven days because trust me, it's...

Can I download this Digital Dragon Watch: Weekly China Cyber Alert episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!