SentinelOne Hacked, Mobile Meltdown, & Salt Typhoons Spying Spree—China Cyber Tea, Freshly Brewed! episode artwork

EPISODE · Jun 28, 2025 · 4 MIN

SentinelOne Hacked, Mobile Meltdown, & Salt Typhoons Spying Spree—China Cyber Tea, Freshly Brewed!

from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Welcome to Digital Dragon Watch: Weekly China Cyber Alert. I’m Ting—your expert in China cyber shenanigans, translating the week’s headlines into human-speak so you don’t have to read through a thousand threat intel feeds. Let’s dive right into the hotspots from the last seven days. At the top of the pile is the ongoing saga of SentinelOne, the U.S. cybersecurity firm that found itself in the crosshairs of a China-linked hacking collective. Over seventy organizations spanning manufacturing, finance, telecom, government, and research were caught in this months-long campaign, but it was SentinelOne’s hardware supplier that became the key target. The attackers, identified as part of the PurpleHaze group—closely associated with China’s infamous APT15 and UNC5174—used this vendor as a potential springboard for supply chain infiltration, even mapping internet-facing servers and evaluating them for follow-up attacks. SentinelOne’s researchers Aleksandar Milenkoski and Tom Hegel confirmed the attackers managed to breach all seventy targets, with some holding persistent access for extended periods. A staggering reminder: it’s not just your crown jewels—your supply chain is absolutely fair game too. Another red alert this week: Salt Typhoon, a state-sponsored crew also linked to China, exploited the Cisco CVE-2023-20198 flaw to worm into global telecom networks. Notable targets included Canadian telecom devices, with the attackers leveraging this vulnerability for deep reconnaissance. If you’re not patching your Cisco gear, you’re basically taping a “hack me” sign to your data center. Meanwhile, the mobile front is a growing minefield. Investigators from iVerify flagged a wave of mysterious crashes on smartphones—sometimes affecting journalists, government workers, and tech insiders. The sneaky part? These attacks seem to require no user interaction. Just having a vulnerable phone could open you up to infiltration, and guess what? Most victims worked in sectors of interest to Beijing. Rocky Cole at iVerify summed it up: “The world is in a mobile security crisis right now. No one is watching the phones.” Ominous, but true. U.S. government response? The State Department and CISA haven’t been silent. There’s been an uptick in official security advisories, especially for critical infrastructure and telecom sectors, urging immediate Cisco patching, increased insider vigilance, and air-gapping of particularly sensitive systems. Behind the scenes, partnerships with allied countries are intensifying, likely to ensure early warnings and rapid threat intelligence sharing. So, what’s on the expert cheat sheet this week? First, patch early, patch often—especially network gear and anything remotely related to supply chains. Second, don’t sleep on your mobile device protections; enterprise mobile device management should be standard, especially for execs and VIPs. Last, reevaluate who has access This content was created in partnership and with the help of Artificial Intelligence AI.

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Welcome to Digital Dragon Watch: Weekly China Cyber Alert. I’m Ting—your expert in China cyber shenanigans, translating the week’s headlines into human-speak so you don’t have to read through a thousand threat intel feeds. Let’s dive right into the hotspots from the last seven days. At the top of the pile is the ongoing saga of SentinelOne, the U.S. cybersecurity firm that found itself in the crosshairs of a China-linked hacking collective. Over seventy organizations spanning manufacturing, finance, telecom, government, and research were caught in this months-long campaign, but it was SentinelOne’s hardware supplier that became the key target. The attackers, identified as part of the PurpleHaze group—closely associated with China’s infamous APT15 and UNC5174—used this vendor as a potential springboard for supply chain infiltration, even mapping internet-facing servers and evaluating them for follow-up attacks. SentinelOne’s researchers Aleksandar Milenkoski and Tom Hegel confirmed the attackers managed to breach all seventy targets, with some holding persistent access for extended periods. A staggering reminder: it’s not just your crown jewels—your supply chain is absolutely fair game too. Another red alert this week: Salt Typhoon, a state-sponsored crew also linked to China, exploited the Cisco CVE-2023-20198 flaw to worm into global telecom networks. Notable targets included Canadian telecom devices, with the attackers leveraging this vulnerability for deep reconnaissance. If you’re not patching your Cisco gear, you’re basically taping a “hack me” sign to your data center. Meanwhile, the mobile front is a growing minefield. Investigators from iVerify flagged a wave of mysterious crashes on smartphones—sometimes affecting journalists, government workers, and tech insiders. The sneaky part? These attacks seem to require no user interaction. Just having a vulnerable phone could open you up to infiltration, and guess what? Most victims worked in sectors of interest to Beijing. Rocky Cole at iVerify summed it up: “The world is in a mobile security crisis right now. No one is watching the phones.” Ominous, but true. U.S. government response? The State Department and CISA haven’t been silent. There’s been an uptick in official security advisories, especially for critical infrastructure and telecom sectors, urging immediate Cisco patching, increased insider vigilance, and air-gapping of particularly sensitive systems. Behind the scenes, partnerships with allied countries are intensifying, likely to ensure early warnings and rapid threat intelligence sharing. So, what’s on the expert cheat sheet this week? First, patch early, patch often—especially network gear and anything remotely related to supply chains. Second, don’t sleep on your mobile device protections; enterprise mobile device management should be standard, especially for execs and VIPs. Last, reevaluate who has access This content was created in partnership and with the help of Artificial Intelligence AI.

NOW PLAYING

SentinelOne Hacked, Mobile Meltdown, & Salt Typhoons Spying Spree—China Cyber Tea, Freshly Brewed!

0:00 4:13

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Digital Dragon Watch: Weekly China Cyber Alert?

This episode is 4 minutes long.

When was this Digital Dragon Watch: Weekly China Cyber Alert episode published?

This episode was published on June 28, 2025.

What is this episode about?

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Welcome to Digital Dragon Watch: Weekly China Cyber Alert. I’m Ting—your expert in China cyber shenanigans, translating the week’s headlines into human-speak so you don’t have to...

Can I download this Digital Dragon Watch: Weekly China Cyber Alert episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!