Dell Zero-Day Chaos: China's Hackers Lurked for Years While We All Slept on VM Security episode artwork

EPISODE · Feb 22, 2026 · 3 MIN

Dell Zero-Day Chaos: China's Hackers Lurked for Years While We All Slept on VM Security

from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with your Digital Dragon Watch: Weekly China Cyber Alert, diving straight into the hottest threats from the past seven days ending February 22, 2026. Buckle up, because China's hackers are playing 4D chess while we're still patching zero-days. First off, Google’s Threat Intelligence team and Mandiant dropped a bombshell: a suspected China-linked espionage crew has been exploiting CVE-2026-22769, a critical zero-day in Dell’s RecoverPoint for Virtual Machines, since mid-2024. They snuck in stealthy backdoors like BRICKSTORM and GRIMBOLT, plus a webshell called SLAYSTYLE, for long-term network lurking. Targeted sectors? Virtualization heavyweights, hitting IT admins where it hurts. No official US gov response yet, but CISA's KEV catalog vibes suggest they'll add it pronto—Luke McNamara from Google warns the defense industrial base is now prime for disruption, not just spying. Over in Taipei, the iconic Grand Hotel got hit with a cyber attack on February 22, per Taiwan News, with investigations probing possible customer data theft. Hospitality joins the hit list, right as Poland bans Chinese-made cars from military sites over data exfil fears from integrated systems. And don't sleep on Notepad++—its update channel was hijacked in a state-sponsored op linked to China, announced February 2 but rooted in a June 2025 vuln, as Hive Systems details. Attackers turned a dev's favorite tool into a supply chain trojan horse. New vectors? Firmware-level persistence, like Keenadu backdoor on Android tablets from Kaspersky's probe—pre-installed during manufacturing, likely China-adjacent supply chains harvesting data silently. Add January's lingering buzz: Chinese state-linked hackers compromised Downing Street aides' mobiles for years, Eurasia Review exposes that dualism where Beijing preaches cyber peace but deploys chaos. US responses? Air Force brass at the Air and Space Forces Association symposium this week, with Gen. Kenneth Wilsbach and Secretary Troy Meink pitching China countermeasures amid National Defense Strategy shifts—experts like Todd Harrison from AEI slam the geriatric fleet as unprepared for PRC air defense. Defense Secretary Pete Hegseth's pushing wartime footing for acquisitions. Expert recs to shield your ops: Patch Dell RecoverPoint yesterday—Mandiant urges multi-factor everywhere. Segment networks, hunt for BRICKSTORM artifacts with Google TAG tools. For supply chains, vet firmware like your life depends on it—Kaspersky says audit Android loaders. Barracuda's XDR report screams: Lock down identity, third-party access, and perimeters. Tod Beardsley from runZero says use CISA KEV smarter, not as panic fuel. Stay frosty, listeners—China's digital dragons are stealthier than ever, but with these moves, you can clip their wings. Thanks for tuning in to Digital Dragon Watch—subscribe for the weekly pulse! This has been a Quiet Please production This content was created in partnership and with the help of Artificial Intelligence AI.

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with your Digital Dragon Watch: Weekly China Cyber Alert, diving straight into the hottest threats from the past seven days ending February 22, 2026. Buckle up, because China's hackers are playing 4D chess while we're still patching zero-days. First off, Google’s Threat Intelligence team and Mandiant dropped a bombshell: a suspected China-linked espionage crew has been exploiting CVE-2026-22769, a critical zero-day in Dell’s RecoverPoint for Virtual Machines, since mid-2024. They snuck in stealthy backdoors like BRICKSTORM and GRIMBOLT, plus a webshell called SLAYSTYLE, for long-term network lurking. Targeted sectors? Virtualization heavyweights, hitting IT admins where it hurts. No official US gov response yet, but CISA's KEV catalog vibes suggest they'll add it pronto—Luke McNamara from Google warns the defense industrial base is now prime for disruption, not just spying. Over in Taipei, the iconic Grand Hotel got hit with a cyber attack on February 22, per Taiwan News, with investigations probing possible customer data theft. Hospitality joins the hit list, right as Poland bans Chinese-made cars from military sites over data exfil fears from integrated systems. And don't sleep on Notepad++—its update channel was hijacked in a state-sponsored op linked to China, announced February 2 but rooted in a June 2025 vuln, as Hive Systems details. Attackers turned a dev's favorite tool into a supply chain trojan horse. New vectors? Firmware-level persistence, like Keenadu backdoor on Android tablets from Kaspersky's probe—pre-installed during manufacturing, likely China-adjacent supply chains harvesting data silently. Add January's lingering buzz: Chinese state-linked hackers compromised Downing Street aides' mobiles for years, Eurasia Review exposes that dualism where Beijing preaches cyber peace but deploys chaos. US responses? Air Force brass at the Air and Space Forces Association symposium this week, with Gen. Kenneth Wilsbach and Secretary Troy Meink pitching China countermeasures amid National Defense Strategy shifts—experts like Todd Harrison from AEI slam the geriatric fleet as unprepared for PRC air defense. Defense Secretary Pete Hegseth's pushing wartime footing for acquisitions. Expert recs to shield your ops: Patch Dell RecoverPoint yesterday—Mandiant urges multi-factor everywhere. Segment networks, hunt for BRICKSTORM artifacts with Google TAG tools. For supply chains, vet firmware like your life depends on it—Kaspersky says audit Android loaders. Barracuda's XDR report screams: Lock down identity, third-party access, and perimeters. Tod Beardsley from runZero says use CISA KEV smarter, not as panic fuel. Stay frosty, listeners—China's digital dragons are stealthier than ever, but with these moves, you can clip their wings. Thanks for tuning in to Digital Dragon Watch—subscribe for the weekly pulse! This has been a Quiet Please production This content was created in partnership and with the help of Artificial Intelligence AI.

NOW PLAYING

Dell Zero-Day Chaos: China's Hackers Lurked for Years While We All Slept on VM Security

0:00 3:26

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Digital Dragon Watch: Weekly China Cyber Alert?

This episode is 3 minutes long.

When was this Digital Dragon Watch: Weekly China Cyber Alert episode published?

This episode was published on February 22, 2026.

What is this episode about?

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with your Digital Dragon Watch: Weekly China Cyber Alert, diving straight into the hottest threats from the past seven days ending February 22, 2026....

Can I download this Digital Dragon Watch: Weekly China Cyber Alert episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!