This is your Red Alert: China's Daily Cyber Moves podcast.
Listeners, it’s Ting here, and let’s skip the fluff because today, the Red Alert on China’s daily cyber moves is ringing off the hook. If you checked your feed in the past 48 hours, you’d see the U.S. cyber front line under urgent pressure—from government servers to your grandma’s phone. Cue timestamp: 7:13 PM, August 6, 2025, and we’re looking at the cyber equivalent of DEFCON 2.
Let’s hit the timeline. Just this morning, CISA and the FBI pushed out emergency threat bulletins after Microsoft flagged coordinated Chinese state-backed hacks zeroing in on on-premises SharePoint. If you’re sitting on a SharePoint server—Subscription Edition, 2019, 2016—you might already have a custom web shell with the cheery name “spininstallo.aspx” crawling through your system. Attackers are exploiting CVE-2025-49706 and 49704 for initial access, then backdooring with RCE exploits—thanks, Linen Typhoon and Violet Typhoon. The exfil method: classic HTTP, siphoning off configuration files and credentials. According to Microsoft, over 90 U.S. state and local governments have been smacked in the past week—not just annoying, but lights-out serious for critical services.
But that’s just the morning coffee. By noon, emergency response agencies scrambled as reports rolled in of drones—yep, drones—from DJI and Autel Robotics, both proudly Shenzhen creations, being used for close-in surveillance runs near sensitive U.S. military bases. FDD and others note China’s ability to blur commercial sales with military espionage; these aren’t toy quadcopters—they’re eyes and ears for hybrid recon, possibly supply chain hacks. And if you think America’s got clean tech—think again. Chinese-made parts underpin so much hardware that, per Gladstone AI’s exposé, even AI labs are essentially cheese graters for security, with electromagnetic side-channel attacks possible through compromised supply chains.
The brewing storm didn’t end there. Mid-afternoon saw a wave of payment card breaches. Security analysts at GBHackers detected Chinese-speaking syndicates, like the notorious Lao Wang operation, leveraging tokenized smishing attacks, not just nabbing your debit digits but sliding them into Apple Pay and Google Wallet—all while bypassing multi-factor authentication. As of today’s count, up to 115 million U.S. payment cards might be compromised. That’s not mugging—it's grand larceny at a continental scale.
Meanwhile, the Department of Justice nabbed Chuan Geng and Shiwei Yang in Los Angeles on charges of smuggling millions’ worth of Nvidia’s top AI GPUs out to China disguised via Singapore and Malaysia. This bust was pure old-school misdirection—the perfect foil to China’s “Made in China 2025” strategy, which is full-spectrum military-civil tech integration.
So where does it escalate? With SharePoint shells spreading and drone-facilitated recon blending physical and cyber, imagine a scenario where ransomware, infrastructure sabotage, and disinformation all hit—say, during our next election cycle. The U.S. is playing cyber whack-a-mole while China rewrites the rules.
Required actions, friends: Patch your SharePoint stack, lock down your supply chain, and if you’re still using SMS for MFA, switch to an authenticator app—yesterday. CISA wants all critical agencies to audit for backdoors and monitor for device anomalies, especially on anything “smart” and made in or near Shenzhen.
This is Ting saying thanks for tuning in—subscribe for your next Red Alert rundown, and keep your systems tight and your usernames tighter. This has been a Quiet Please production. For more, check out quiet please dot ai.