Hacked FTP Keys, ICS Hits, and TikTok's Clover Caper: China's Cyber Dragon Breathes Fire episode artwork

EPISODE · Jul 14, 2025 · 7 MIN

Hacked FTP Keys, ICS Hits, and TikTok's Clover Caper: China's Cyber Dragon Breathes Fire

from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Welcome back to Digital Dragon Watch, your weekly China cyber alert with me, Ting—your favorite cyber sleuth who runs on caffeine, curiosity, and a steady stream of zero-day disclosures. Buckle up, listeners, because the dragon has definitely been breathing fire this week. Let’s get right into the biggest headline: security researchers have sounded the alarm about an alarming vulnerability in the Wing FTP Server, tagged as CVE-2025-47812. Huntress and Shadowserver researchers confirm attackers are actively exploiting this nasty flaw, which combines a null byte and Lua injection to allow root-level remote code execution. In layman’s terms, it’s a digital skeleton key—hackers can take control of whole systems, scoop up passwords, and even wipe out files if they’re feeling spicy. Wing FTP counts some big players among its 10,000 clients, with the U.S., China, and Germany topping the exposure charts. This isn’t speculative, folks—Shadowserver is tracking at least 2,000 exposed systems and says active exploitation began July 1. If you run Wing FTP and haven’t patched, you might as well be handing the keys to your digital kingdom to the nearest stranger. So, as expert Julien Ahrens bluntly put it, patch now or risk total compromise. Meanwhile, hacktivism is evolving in ways that should unsettle every infrastructure operator. According to Cyble, hacktivists are no longer just playing with website graffiti—they're breaching industrial control systems and causing real disruptions. The Russia-linked Z-Pentest group has launched 38 ICS attacks in Q2 alone—a 150% increase—and, while not all directly tied to China, the inspiration and technical overlap with China’s industrial espionage are hard to ignore. These attacks aren’t just about chaos; they’re aimed at undermining the backbone of entire sectors, including energy and utilities. Let’s talk statecraft—China’s cyber operations aren’t just about stealing secrets anymore. The Irregular Warfare Center warns that Beijing is heavily focused on pre-positioning malware within U.S. critical infrastructure, especially in energy, transportation, and water systems. The notorious Volt Typhoon group, for example, has become the poster child for this hybrid espionage campaign, blending network intrusions with the ability to disrupt life-critical services. The FBI now has over 2,000 open investigations into PRC-related IP theft. This is economic warfare—Chinese companies leapfrog R&D costs by snatching U.S. breakthroughs, and that’s got strategic implications far beyond quarterly earnings. On the regulatory front, the U.S. government isn’t just playing defense. A new White House executive order directs NIST, CISA, and OMB to adopt policy-as-code—think machine-readable cybersecurity rules and automated compliance pipelines. By 2027, all federal IoT procurements will require machine-checked security labels. This is a big move toward operationalizing This content was created in partnership and with the help of Artificial Intelligence AI.

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Welcome back to Digital Dragon Watch, your weekly China cyber alert with me, Ting—your favorite cyber sleuth who runs on caffeine, curiosity, and a steady stream of zero-day disclosures. Buckle up, listeners, because the dragon has definitely been breathing fire this week. Let’s get right into the biggest headline: security researchers have sounded the alarm about an alarming vulnerability in the Wing FTP Server, tagged as CVE-2025-47812. Huntress and Shadowserver researchers confirm attackers are actively exploiting this nasty flaw, which combines a null byte and Lua injection to allow root-level remote code execution. In layman’s terms, it’s a digital skeleton key—hackers can take control of whole systems, scoop up passwords, and even wipe out files if they’re feeling spicy. Wing FTP counts some big players among its 10,000 clients, with the U.S., China, and Germany topping the exposure charts. This isn’t speculative, folks—Shadowserver is tracking at least 2,000 exposed systems and says active exploitation began July 1. If you run Wing FTP and haven’t patched, you might as well be handing the keys to your digital kingdom to the nearest stranger. So, as expert Julien Ahrens bluntly put it, patch now or risk total compromise. Meanwhile, hacktivism is evolving in ways that should unsettle every infrastructure operator. According to Cyble, hacktivists are no longer just playing with website graffiti—they're breaching industrial control systems and causing real disruptions. The Russia-linked Z-Pentest group has launched 38 ICS attacks in Q2 alone—a 150% increase—and, while not all directly tied to China, the inspiration and technical overlap with China’s industrial espionage are hard to ignore. These attacks aren’t just about chaos; they’re aimed at undermining the backbone of entire sectors, including energy and utilities. Let’s talk statecraft—China’s cyber operations aren’t just about stealing secrets anymore. The Irregular Warfare Center warns that Beijing is heavily focused on pre-positioning malware within U.S. critical infrastructure, especially in energy, transportation, and water systems. The notorious Volt Typhoon group, for example, has become the poster child for this hybrid espionage campaign, blending network intrusions with the ability to disrupt life-critical services. The FBI now has over 2,000 open investigations into PRC-related IP theft. This is economic warfare—Chinese companies leapfrog R&D costs by snatching U.S. breakthroughs, and that’s got strategic implications far beyond quarterly earnings. On the regulatory front, the U.S. government isn’t just playing defense. A new White House executive order directs NIST, CISA, and OMB to adopt policy-as-code—think machine-readable cybersecurity rules and automated compliance pipelines. By 2027, all federal IoT procurements will require machine-checked security labels. This is a big move toward operationalizing This content was created in partnership and with the help of Artificial Intelligence AI.

NOW PLAYING

Hacked FTP Keys, ICS Hits, and TikTok's Clover Caper: China's Cyber Dragon Breathes Fire

0:00 7:05

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Digital Dragon Watch: Weekly China Cyber Alert?

This episode is 7 minutes long.

When was this Digital Dragon Watch: Weekly China Cyber Alert episode published?

This episode was published on July 14, 2025.

What is this episode about?

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Welcome back to Digital Dragon Watch, your weekly China cyber alert with me, Ting—your favorite cyber sleuth who runs on caffeine, curiosity, and a steady stream of zero-day...

Can I download this Digital Dragon Watch: Weekly China Cyber Alert episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!