This is your China Hack Report: Daily US Tech Defense podcast.
Hey listeners, Ting here, your go-to cyber sleuth on all things China hacks shaking up US tech defenses. Buckle up, because the last 24 hours dropped some bombshells that scream escalation—straight from Breached Company, Check Point Research, and CISA alerts buzzing today.
Picture this: I'm scrolling my feeds at dawn, and bam—Breached Company reports China's second-in-command, that shadowy bigwig in Beijing's nuclear inner circle, got fingered for leaking top-secret nuclear weapons data right into US hands. Unprecedented insider threat, they call it, dated January 26th. While we're dissecting that juicy defection drama, Check Point's Threat Intelligence Report for the same day lights up with fresh malware madness: malicious VS Code AI extensions racking up 1.5 million installs, siphoning developer source code to China-based servers. These sneaky "coding assistants" are still lurking in the official marketplace, folks—devs in tech sectors from Silicon Valley to Seattle are prime targets.
Not stopping there. CISA and pals just amplified warnings on **Brickstorm** malware, per their December advisory still rippling today—Chinese-linked hackers embedding backdoors in US and Canadian government IT and critical infrastructure for sabotage. Think VMware vSphere virtual machines: attackers have been stealing creds and hijacking systems since April 2024, with Google's Threat Intelligence confirming hits on legal, software, and outsourcing firms. Broadcom's yelling "patch now!" on its VMware gear.
Sectors under fire? Critical infrastructure leads—energy, water, power grids echoing Volt Typhoon's playbook from last week's chatter—and now dev tools plus nukes intel. Red Hot Cyber flags active exploits on VMware vCenter's CVE, a zero-day RCE letting hackers pwn servers with one packet, no auth needed. CISA slapped it in their Known Exploited Vulnerabilities catalog; federal agencies must fix by February 13th, but y'all should hustle yesterday.
Emergency patches incoming: Cisco's zero-day RCE in Secure Email Gateways, exploited by China-linked APTs per WIU Cyber News. Broadcom updated VMware advisories confirming abuse. Defensive moves from CISA? Hunt for Brickstorm artifacts in your networks, segment VMware environments, enforce least privilege, and scan for anomalous AI extensions in VS Code. NSA echoes: isolate critical systems, drill incident response—assume they're already inside, listeners.
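One concrete way to act on the "scan for anomalous AI extensions in VS Code" advice above, as an added example that is not from the podcast, CISA, or any vendor: take the output of `code --list-extensions --show-versions` (a real VS Code CLI invocation, one `publisher.name@version` per line), compare it against an organisation's allowlist, and rank the unapproved leftovers whose names look like coding assistants for review. The allowlist entries and the sample extension list are constructed for the example, not a vetted list or real findings.

```python
"""Audit installed VS Code extensions against an allowlist.

Added example (not the podcast's or any vendor's code). It parses the
output of `code --list-extensions --show-versions`, reports extensions
that are not on an approved list, and separately flags the unapproved
ones whose names look like AI coding assistants so they get looked at
first. The APPROVED set and SAMPLE text below are constructed.
"""
import re
import subprocess

# Hypothetical allowlist an organisation might maintain (assumption).
APPROVED = {
    "ms-python.python",
    "ms-vscode.cpptools",
    "github.copilot",
}

# Name tokens common in coding-assistant extensions. They only prioritise
# unapproved extensions for human review; a match is not proof of malice.
AI_TOKENS = {"ai", "assistant", "copilot", "gpt", "chat", "coder", "llm"}

# publisher.name@version, as printed by the VS Code CLI.
LINE_RE = re.compile(r"^(?P<id>[A-Za-z0-9][\w-]*\.[\w-]+)@(?P<ver>[\w.+-]+)$")


def parse_extension_list(text):
    """Parse CLI output into (extension_id, version) tuples (id lowercased)."""
    found = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unexpected line from extension list: {line!r}")
        found.append((m.group("id").lower(), m.group("ver")))
    return found


def audit_extensions(text, approved=APPROVED):
    """Return {'unapproved': [...], 'ai_flagged': [...]} for the given CLI text.

    'ai_flagged' is the subset of 'unapproved' whose extension name contains
    an AI-assistant token, split on non-alphanumeric characters so that
    e.g. 'tailwind' does not match 'ai'.
    """
    approved_lower = {a.lower() for a in approved}
    unapproved, ai_flagged = [], []
    for ext_id, ver in parse_extension_list(text):
        if ext_id in approved_lower:
            continue
        entry = f"{ext_id}@{ver}"
        unapproved.append(entry)
        name = ext_id.split(".", 1)[1]
        tokens = {t for t in re.split(r"[^a-z0-9]+", name) if t}
        if tokens & AI_TOKENS:
            ai_flagged.append(entry)
    return {"unapproved": unapproved, "ai_flagged": ai_flagged}


def installed_extensions_text(code_binary="code"):
    """Run the real VS Code CLI; return '' if it is not available here."""
    try:
        out = subprocess.run(
            [code_binary, "--list-extensions", "--show-versions"],
            capture_output=True, text=True, check=True,
        )
    except (OSError, subprocess.CalledProcessError):
        return ""
    return out.stdout


# Constructed sample output; publishers and extensions here are invented.
SAMPLE = """ms-python.python@2024.22.0
GitHub.copilot@1.250.0
some-publisher.ai-code-helper@0.3.1
other-vendor.theme-pack@2.0.0
"""

if __name__ == "__main__":
    text = installed_extensions_text() or SAMPLE
    report = audit_extensions(text)
    for ext in report["unapproved"]:
        tag = "REVIEW (assistant-style name)" if ext in report["ai_flagged"] else "unapproved"
        print(f"{tag}: {ext}")
```

On a developer workstation this runs against the real extension list; anywhere the `code` binary is absent it falls back to the constructed sample so the logic can be exercised offline. An allowlist check catches a rogue extension regardless of its name; the token match only decides which unapproved entries get eyes first.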
Witty aside: Beijing's embassy mouthpiece Liu Pengyu denies it all, but with insiders flipping and malware raining, it's like China's cyber orchestra hitting every sour note aimed at Uncle Sam. Stay vigilant, patch like your grid depends on it—because it does.
Thanks for tuning in, listeners—smash that subscribe for daily drops. This has been a Quiet Please production, for more check out quietplease.ai.
This content was created in partnership and with the help of Artificial Intelligence AI