This is your Red Alert: China's Daily Cyber Moves podcast.
If you’re tuning in right now, you’re already one step smarter than half the internet—and probably more patched up, too. I’m Ting, coming to you hot from the cyber front lines with Red Alert: China’s Daily Cyber Moves, October 13th, 2025 edition. Let’s jack straight into the new arc of this cat-and-mouse game, because the past few days have not been boring.
First up, let’s talk SharePoint, Microsoft’s pride and, last July, its heartbreak. After Vietnamese researcher Dinh Ho Anh Khoa demoed vulnerabilities at Pwn2Own Berlin, Chinese hackers—say hi to Linen Typhoon, Violet Typhoon, and everyone’s favorite, Storm-2603—capitalized fast. Starting July 7th, in sync with Microsoft’s final MAPP vulnerability notifications, over 400 organizations, including the U.S. National Nuclear Security Administration, got whacked. Storm-2603 didn’t even wait a fortnight before pivoting to ransomware, reaching targets like nuclear agencies by July 18. This blew the lid off Microsoft’s partner program: no more proof-of-concept code for Chinese affiliates, and they now get vulnerability info only when the rest of the planet does. It's a historic clampdown with global ripple effects, and it’s redefined international cyber cooperation overnight.
While the SharePoint breach wrecked thousands of corporate weekends, the action has escalated right into October. According to the Federalist, Google’s Threat Intelligence and Mandiant have been tracking the “BRICKSTORM” campaign since March. Chinese group UNC5221—an Advanced Persistent Threat actor so persistent they practically hang paintings in your systems—is embedding backdoors with stealthy, nearly undetectable access, averaging 400 days undisturbed. That means any given network could be hosting a phantom Chinese node for over a year before anyone even blinks.
And the target list reads like a who’s-who: U.S. tech firms, SaaS providers, legal networks. It isn’t just about trade secrets anymore. These attackers are actively probing zero-day vulnerabilities in network appliances, hunting for pivot points for future sabotage. Around the same time, Salt Typhoon, another Chinese crew, compromised telecom infrastructure—including wiretap surveillance networks—impacting users from AT&T to Verizon, including those connected to recent presidential campaigns.
Naturally, CISA isn’t waiting around. Since July 20, the vulnerabilities have been on the Known Exploited Vulnerabilities catalog, with urgent advisories: patch everything. Enable the Antimalware Scan Interface (AMSI). Rotate cryptographic keys. Pull end-of-life SharePoint servers off the net. Monitor for sketchy POSTs to ToolPane.aspx—if you’re not, you’re just offering snacks to the intruders.
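The last item on that list, watching for POSTs to ToolPane.aspx, is the one you can start doing tonight from the logs you already have. Here is an added example, written for this write-up and not code from the podcast, CISA, or Microsoft, that reads IIS W3C extended logs, honours the `#Fields:` directive so column order does not matter, and flags every POST whose URI stem ends in ToolPane.aspx. The log lines embedded in it are constructed for the demonstration, not captured from a real server.

```python
"""Flag POST requests to ToolPane.aspx in IIS W3C extended logs.

Added example: not code from the podcast, CISA, or Microsoft.
SAMPLE_LOG below is constructed for illustration only.
"""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, Iterator, List


@dataclass(frozen=True)
class Finding:
    timestamp: str
    client_ip: str
    uri: str
    query: str
    status: str


def parse_w3c(lines: Iterable[str]) -> Iterator[Dict[str, str]]:
    """Yield one dict per log record, keyed by the names in '#Fields:'.

    IIS emits a '#Fields:' directive listing the enabled columns, and that
    list differs between servers, so we track it instead of hardcoding
    column positions.
    """
    fields: List[str] = []
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
            continue
        if line.startswith("#") or not fields:
            continue  # other directives, or data before any #Fields line
        values = line.split()
        if len(values) != len(fields):
            continue  # malformed record; skip rather than misalign columns
        yield dict(zip(fields, values))


# Match the file name only, case-insensitively: IIS paths are not case-sensitive.
TOOLPANE = re.compile(r"/toolpane\.aspx$", re.IGNORECASE)


def find_toolpane_posts(lines: Iterable[str]) -> List[Finding]:
    """Return every POST to ToolPane.aspx, whatever its response status.

    Status is kept rather than filtered on: a 401 still records an attempt.
    """
    findings: List[Finding] = []
    for rec in parse_w3c(lines):
        if rec.get("cs-method", "").upper() != "POST":
            continue
        stem = rec.get("cs-uri-stem", "")
        if not TOOLPANE.search(stem):
            continue
        findings.append(Finding(
            timestamp=f"{rec.get('date', '')} {rec.get('time', '')}",
            client_ip=rec.get("c-ip", "-"),
            uri=stem,
            query=rec.get("cs-uri-query", "-"),
            status=rec.get("sc-status", "-"),
        ))
    return findings


# Constructed sample: two GETs and two POSTs from documentation-reserved IPs.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port c-ip cs(User-Agent) cs(Referer) sc-status
2025-07-18 03:12:44 10.0.0.5 GET /_layouts/15/start.aspx - 443 198.51.100.20 Mozilla/5.0 - 200
2025-07-18 03:12:51 10.0.0.5 POST /_layouts/15/ToolPane.aspx - 443 198.51.100.20 Mozilla/5.0 - 200
2025-07-18 03:13:02 10.0.0.5 GET /_layouts/15/toolpane.aspx - 443 192.0.2.7 Mozilla/5.0 - 200
2025-07-18 03:13:05 10.0.0.5 POST /_layouts/15/toolpane.aspx - 443 192.0.2.7 Mozilla/5.0 - 401
""".splitlines()


if __name__ == "__main__":
    for f in find_toolpane_posts(SAMPLE_LOG):
        print(f"{f.timestamp} {f.client_ip} POST {f.uri} status={f.status}")
```

Point it at a real `u_ex*.log` with `find_toolpane_posts(open(path, encoding="utf-8"))`. ToolPane.aspx is also a legitimate page-editing endpoint, so treat hits as triage leads rather than verdicts: look at who the client is, whether the session was authenticated, and what the same source did before and after.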
Meanwhile, Check Point’s October report finds that while attack volumes appear stable, the critical threats are burrowing deeper. Below the surface, activity has actually intensified, especially against U.S. healthcare, legal, and infrastructure systems. Just today, Homeland Security Newswire reports FBI warnings of China “targeting” systems along the Mississippi River—picture attempted access to, or mapping of, logistics and water-management systems. This isn’t theory anymore; the scenarios are shifting from espionage to power-grid disruption drills.
As escalation scenarios go, the writing’s on the firewall: if tensions continue, these Chinese “drills” could become full-scale disruptions, taking down segments of utilities, telecom, or emergency services. Private American firms still sit too quietly—losing IP and, sometimes, operational control. It’s time for detection, open intel sharing, ruthless patching, and readiness for system isolations.
Thanks for tuning in, listeners, and seriously, check those logs and rotate your keys. Subscribe for more. This has been a Quiet Please production. For more, check out quiet please dot ai.
This content was created in partnership and with the help of Artificial Intelligence AI