China Hack Report: Daily US Tech Defense

Sizzling Cyber Scoop: China's Hacking Blitz Targets SAP, Jammers, and Solar!



This is your China Hack Report: Daily US Tech Defense podcast.

Hey, cyber sleuths! Ting here, back with your daily China Hack Report. The date is June 21, 2025, and boy, have the last 24 hours been a cyber rollercoaster – let's crack straight into the critical updates.

First, the hottest item: EclecticIQ just dropped some jaw-dropping findings. Chinese state-backed APTs—think UNC5221, UNC5174, and CL-STA-0048—have ramped up global attacks targeting critical infrastructure. How? By exploiting a nasty unauthenticated file upload vulnerability, CVE-2025-31324, in SAP NetWeaver Visual Composer. For the non-geeks: it means attackers could sneak their own code into core enterprise systems, no password required. Researchers discovered attackers using mass reconnaissance tools like Nuclei and found evidence of widespread scanning from IP addresses like 15.204.56[dot]106. The takeaway? If your organization relies on SAP, now’s the time to patch up and check every exposed endpoint for suspicious uploads. EclecticIQ’s high-confidence assessment: this campaign is wide, organized, and ongoing.

Meanwhile, the Department of Homeland Security just lit up the warning boards about a surge in China-based tech firms smuggling signal jammers stateside. These aren’t cheap gadgets for blocking your neighbor’s Wi-Fi. We’re talking military-grade jammers capable of sabotaging emergency comms and even critical infrastructure signals. CISA has issued an alert: organizations should immediately audit radio-frequency-dependent tech and double-check procurement channels for anything suspiciously sourced from certain flagged Chinese vendors. Their words, not mine: “Inspect, inventory, and isolate.”

Local governments got their own headaches. Exploits against CityWorks—widely used municipal software—are being traced back to Chinese-speaking hackers. Think water, power, even traffic systems. Unpatched vulnerabilities in these tools are being actively targeted, so if you’re a mayor or city sysadmin, CISA’s advice is simple: patch now, don’t wait for Monday.

Let’s not forget the hardware side of the house! Rogue communication modules were recently discovered in Chinese-made solar power inverters. These tiny trojans allow external commands to slip right past firewalls, potentially letting attackers disrupt power grids remotely. Mike Rogers, former NSA head, put it bluntly: the risk goes straight to the heart of U.S. infrastructure resilience.

In response, the official defensive playbook for today:
- Apply emergency patches for SAP NetWeaver and update all detection rules for anomalous file uploads.
- Inventory and lock down signal-related tech, especially around critical infrastructure.
- Audit municipal software for unpatched exploits and segment networks wherever possible.
- Physically inspect hardware from high-risk vendors—sometimes, you actually have to open the box.

That’s it from me, Ting, for today’s China Hack Report. Remember: Patch early, patch often, and never trust a random USB drive.
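
The first playbook item, detection for anomalous file uploads against SAP NetWeaver, sketched as an added example that is not part of the episode or any vendor's code. It assumes a combined-style access log; the uploader path comes from public advisories for CVE-2025-31324 rather than from this page, and every log line is constructed.

```python
import re

# Endpoint named in public advisories for CVE-2025-31324; it is not stated on this page.
UPLOADER_PATH = "/developmentserver/metadatauploader"
# Scanner address quoted in the episode, kept defanged in source and refanged at load.
KNOWN_SCANNERS = {ioc.replace("[dot]", ".") for ioc in ["15.204.56[dot]106"]}
# Assumed log layout (combined-log style); adjust the regex to your access-log format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
SCRIPT_EXT = (".jsp", ".jspx", ".war", ".class")  # server-executable upload types

def triage(lines):
    """Return (severity, ip, reason) findings in log order."""
    findings, uploaders = [], set()  # uploaders: IPs whose upload POST succeeded
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the hunt
        ip, method, status = m["ip"], m["method"], int(m["status"])
        path = m["path"].split("?", 1)[0].lower()
        if ip in KNOWN_SCANNERS:
            findings.append(("medium", ip, "source is the scanner IP from the report"))
        if path.startswith(UPLOADER_PATH):
            if method == "POST" and 200 <= status < 300:
                uploaders.add(ip)
                findings.append(("high", ip, "upload POST accepted by uploader endpoint"))
            else:
                findings.append(("low", ip, "uploader endpoint probed"))
        elif ip in uploaders and path.endswith(SCRIPT_EXT) and status == 200:
            findings.append(("critical", ip, f"uploader later fetched {path}"))
    return findings

# Constructed sample lines; addresses are documentation ranges, file names are made up.
SAMPLE_LOG = [
    '198.51.100.7 - - [21/Jun/2025:03:10:01 +0000] "GET /developmentserver/metadatauploader HTTP/1.1" 405 0',
    '203.0.113.9 - - [21/Jun/2025:03:12:44 +0000] "POST /developmentserver/metadatauploader HTTP/1.1" 200 87',
    '203.0.113.9 - - [21/Jun/2025:03:12:51 +0000] "GET /irj/example.jsp HTTP/1.1" 200 312',
    '192.0.2.44 - - [21/Jun/2025:03:13:05 +0000] "GET /irj/portal HTTP/1.1" 200 9120',
    f'{min(KNOWN_SCANNERS)} - - [21/Jun/2025:03:14:40 +0000] "GET / HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A "critical" hit means the same client both uploaded and then retrieved an executable file, which is the pattern to escalate first; "low" probes alone indicate scanning, not compromise.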

For more http://www.quietplease.ai



China Hack Report: Daily US Tech Defense, by Quiet. Please