China's Cyber Sabotage Spree: Brace for Impact!

Author
Quiet. Please
Published
Wed 06 Aug 2025
Episode Link
https://www.spreaker.com/episode/china-s-cyber-sabotage-spree-brace-for-impact--67276585

This is your Dragon's Code: America Under Cyber Siege podcast.

If you’ve patched anything this week, bless your keyboard—let’s get into Dragon’s Code: America Under Cyber Siege, the week when Chinese nation-state hackers weren’t just knocking on the door; they tried to reroute the wiring.

First up: SharePoint's China Syndrome. Remember when it came out that parts of Microsoft's codebase were being maintained by China-based coders? That bit them, twice. The SharePoint zero-days CVE-2025-49706 and its merry band (including the 9.8-rated CVE-2025-53770) went from private proof-of-concept to mass exploitation before a complete fix existed. Microsoft's July 8 Patch Tuesday fix was bypassed within days, forcing out-of-band patches, with Linen Typhoon and Violet Typhoon (yes, actual Chinese APTs, not X-Men knockoffs) leading the exploitation and Storm-2603 following up with Warlock ransomware. The Office of the Director of National Intelligence is on repeat: China is the "most active and persistent cyber threat" we have, and this week proved it. US officials are now weighing bans on China-based engineers for anything with even a hint of military tang.

Meanwhile, Darktrace tracked a sharp escalation in sophisticated attacks on US infrastructure. Before a serious flaw in Trimble Cityworks, an asset-management platform used by airports, water systems and other municipal operators, was public knowledge, Chinese-speaking groups were already inside: exploitation was under way by the time suspicious activity was first detected in January. They went hands-on-keyboard, exploiting before anyone else knew to blink. The kill chain also leaned on classic spear-phishing, info stealers, and phishing lures that changed overnight. According to Darktrace's analysts, the actors' hallmark was exploiting internet-facing services critical to municipal infrastructure, a risky game when those platforms touch everything from city lights to public works.

And then, say hello to a wholly new flavor of attack: AI-enabled information operations. OODAloop reports that China, with help from rising AI firms, is now using artificial intelligence for all-out information warfare. Not just reading public debate but swarming it, collecting (yes, scraping) data on Members of Congress, then mass-producing propaganda. It's a propaganda mill on steroids, and American intelligence is on edge that these tools, trialed on Hong Kong and Taiwan, could flip to US election meddling in a blink.

We've also got face-palming smishing breakthroughs: GBHackers warns about syndicates like Lao Wang's, using phishing-as-a-service to compromise as many as 115 million US payment cards and provision them into Apple Pay and Google Wallet, an attack pattern that makes old-school card fraud look quaint. These kits are geofenced, detect whether the victim is on a phone, filter out Tor and scanner traffic, and capture one-time passcodes in real time so the stolen cards can be enrolled in wallets without tripping fraud alerts.

Elsewhere, Gladstone AI's report, cited by War on the Rocks, flagged Chinese-made hardware baked into American AI data centers, leaving even the most advanced models exposed to power-consumption side-channel extraction attacks. Former FBI Director Chris Wray says the pace is relentless: a new China-linked counterintelligence investigation opens every twelve hours. Smugglers rerouting Nvidia H100s through Malaysia to China? The Register had the scoop first, and now the Justice Department is on it, too.

What have we learned? First, patch speed has to outpace exploit speed. Segmentation isn't optional, MFA has to be phishing-resistant, and asset discovery must cover every path data could sneak in or out. Government and CISOs agree: early detection is our best friend, and network visibility is king.

Thanks for tuning in to Dragon’s Code: America Under Cyber Siege, and don’t forget to subscribe. This has been a Quiet Please production, for more check out quietplease dot ai.

For more http://www.quietplease.ai