EPISODE · Jul 14, 2025 · 7 MIN
Hacked FTP Keys, ICS Hits, and TikTok's Clover Caper: China's Cyber Dragon Breathes Fire
from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Welcome back to Digital Dragon Watch, your weekly China cyber alert with me, Ting—your favorite cyber sleuth who runs on caffeine, curiosity, and a steady stream of zero-day disclosures. Buckle up, listeners, because the dragon has definitely been breathing fire this week. Let’s get right into the biggest headline: security researchers have sounded the alarm about an alarming vulnerability in the Wing FTP Server, tagged as CVE-2025-47812. Huntress and Shadowserver researchers confirm attackers are actively exploiting this nasty flaw, which combines a null byte and Lua injection to allow root-level remote code execution. In layman’s terms, it’s a digital skeleton key—hackers can take control of whole systems, scoop up passwords, and even wipe out files if they’re feeling spicy. Wing FTP counts some big players among its 10,000 clients, with the U.S., China, and Germany topping the exposure charts. This isn’t speculative, folks—Shadowserver is tracking at least 2,000 exposed systems and says active exploitation began July 1. If you run Wing FTP and haven’t patched, you might as well be handing the keys to your digital kingdom to the nearest stranger. So, as expert Julien Ahrens bluntly put it, patch now or risk total compromise. Meanwhile, hacktivism is evolving in ways that should unsettle every infrastructure operator. According to Cyble, hacktivists are no longer just playing with website graffiti—they're breaching industrial control systems and causing real disruptions. The Russia-linked Z-Pentest group has launched 38 ICS attacks in Q2 alone—a 150% increase—and, while not all directly tied to China, the inspiration and technical overlap with China’s industrial espionage are hard to ignore. These attacks aren’t just about chaos; they’re aimed at undermining the backbone of entire sectors, including energy and utilities. Let’s talk statecraft—China’s cyber operations aren’t just about stealing secrets anymore. The Irregular Warfare Center warns that Beijing is heavily focused on pre-positioning malware within U.S. critical infrastructure, especially in energy, transportation, and water systems. The notorious Volt Typhoon group, for example, has become the poster child for this hybrid espionage campaign, blending network intrusions with the ability to disrupt life-critical services. The FBI now has over 2,000 open investigations into PRC-related IP theft. This is economic warfare—Chinese companies leapfrog R&D costs by snatching U.S. breakthroughs, and that’s got strategic implications far beyond quarterly earnings. On the regulatory front, the U.S. government isn’t just playing defense. A new White House executive order directs NIST, CISA, and OMB to adopt policy-as-code—think machine-readable cybersecurity rules and automated compliance pipelines. By 2027, all federal IoT procurements will require machine-checked security labels. This is a big move toward operationalizing This content was created in partnership and with the help of Artificial Intelligence AI.
What this episode covers
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Welcome back to Digital Dragon Watch, your weekly China cyber alert with me, Ting—your favorite cyber sleuth who runs on caffeine, curiosity, and a steady stream of zero-day disclosures. Buckle up, listeners, because the dragon has definitely been breathing fire this week. Let’s get right into the biggest headline: security researchers have sounded the alarm about an alarming vulnerability in the Wing FTP Server, tagged as CVE-2025-47812. Huntress and Shadowserver researchers confirm attackers are actively exploiting this nasty flaw, which combines a null byte and Lua injection to allow root-level remote code execution. In layman’s terms, it’s a digital skeleton key—hackers can take control of whole systems, scoop up passwords, and even wipe out files if they’re feeling spicy. Wing FTP counts some big players among its 10,000 clients, with the U.S., China, and Germany topping the exposure charts. This isn’t speculative, folks—Shadowserver is tracking at least 2,000 exposed systems and says active exploitation began July 1. If you run Wing FTP and haven’t patched, you might as well be handing the keys to your digital kingdom to the nearest stranger. So, as expert Julien Ahrens bluntly put it, patch now or risk total compromise. Meanwhile, hacktivism is evolving in ways that should unsettle every infrastructure operator. According to Cyble, hacktivists are no longer just playing with website graffiti—they're breaching industrial control systems and causing real disruptions. The Russia-linked Z-Pentest group has launched 38 ICS attacks in Q2 alone—a 150% increase—and, while not all directly tied to China, the inspiration and technical overlap with China’s industrial espionage are hard to ignore. These attacks aren’t just about chaos; they’re aimed at undermining the backbone of entire sectors, including energy and utilities. Let’s talk statecraft—China’s cyber operations aren’t just about stealing secrets anymore. The Irregular Warfare Center warns that Beijing is heavily focused on pre-positioning malware within U.S. critical infrastructure, especially in energy, transportation, and water systems. The notorious Volt Typhoon group, for example, has become the poster child for this hybrid espionage campaign, blending network intrusions with the ability to disrupt life-critical services. The FBI now has over 2,000 open investigations into PRC-related IP theft. This is economic warfare—Chinese companies leapfrog R&D costs by snatching U.S. breakthroughs, and that’s got strategic implications far beyond quarterly earnings. On the regulatory front, the U.S. government isn’t just playing defense. A new White House executive order directs NIST, CISA, and OMB to adopt policy-as-code—think machine-readable cybersecurity rules and automated compliance pipelines. By 2027, all federal IoT procurements will require machine-checked security labels. This is a big move toward operationalizing This content was created in partnership and with the help of Artificial Intelligence AI.
NOW PLAYING
Hacked FTP Keys, ICS Hits, and TikTok's Clover Caper: China's Cyber Dragon Breathes Fire
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.