This is your China Hack Report: Daily US Tech Defense podcast.
Hey listeners, Ting here, your go-to cyber sleuth on all things China hacks hitting US tech defenses. Picture this: it's December 15, 2025, and the last 24 hours have been a fireworks show of Beijing's digital ninjas probing our grids. Google's Threat Intelligence Group just dropped a bombshell over the weekend, linking five fresh China-nexus crews—UNC6600, UNC6586, UNC6588, UNC6603, and UNC6595—to exploiting the React2Shell zero-day, CVE-2025-55182. These bad boys are slamming virtualized setups like VMware vSphere, dropping payloads like MINOCAT tunneling tools, SNOWLIGHT downloaders, COMPOOD backdoors, upgraded HISONIC, and even ANGRYREBEL.LINUX RATs. Sectors? Think government IT, telecoms, legal services, software providers—basically anything juicy for espionage or sabotage.
Hot on that, CISA and NSA, alongside Canada's Cyber Centre, sounded alarms on December 4 about Brickstorm malware, but echoes are rippling today. Chinese-linked ops are embedding in US and global telecoms for long-term disruption, per CISA's acting director Madhu Gottumukkala. They burrow via backdoors, snag creds, and own machines—think Salt Typhoon still lurking in comms networks, exploiting old CVEs for mass spying across dozens of countries, as detailed in today's Federal Register.
No emergency patches screamed in the last day exactly, but Broadcom's urging VMware vSphere users to slap on the latest updates against Brickstorm, and Shadowserver's scanning 116,000 vulnerable IPs, over 80,000 in the US. GreyNoise clocked 670 exploit attempts in the past day alone, IPs pinging from China, US, India—you name it. CISA's Known Exploited Vulnerabilities catalog just added CVE-2025-14174, a Google Chrome macOS memory smash fixed in version 143.0.7499.110, reported by Apple's SEAR and Google TAG on December 5.
Defensive playbook from CISA? Hunt those indicators—patch React2Shell yesterday, segment networks, hunt for FRP-based tunnels like MINOCAT, and kill unsecured VNCs that pro-Russia crews are also loving. Ditch Chinese-owned smart home gear like Haier-controlled GE Appliances; their U+ Connect platform funnels data to Beijing under 2017 laws, ripe for grid-surging hacks on fridges and heaters, warns DC Journal's Jon Toomey.
Meanwhile, China's tweaking its Cybersecurity Law effective January 1, 2026, with extraterritorial teeth to chase overseas threats and AI boosts—classic misdirection while their hackers feast. Check Point's December 15 report flags global attack spikes, education in the crosshairs as holidays hit.
Stay sharp, listeners—update, isolate, and audit those supply chains. This has been Ting signing off. Thanks for tuning in—subscribe for daily drops! This has been a Quiet Please production, for more check out quietplease.ai.
This content was created in partnership with, and with the help of, Artificial Intelligence (AI).