This is your Red Alert: China's Daily Cyber Moves podcast.
All right, listeners, strap in—this is Ting with another episode of “Red Alert,” because the cyber front lines between the US and China were anything but quiet this week. Picture it: it’s barely August, but already the cyber weather’s been stormy on both sides of the Pacific.
Let’s jump to the big one. Just yesterday, Microsoft warned that Chinese state-backed hacking groups were exploiting a gnarly set of bugs in SharePoint, their widely used document-sharing platform. We’re talking bugs so serious that at least two nation-state units, like the notorious Storm-2603 and Fire Ant, managed to worm their way into not just corporations, but over 400 government agencies in the US alone, including—rumors say—part of the Department of Homeland Security. Microsoft’s tech chief even confirmed DOD was holding daily crisis meetings post-incident. That’s not your typical break room sync.
Simultaneously, cybersecurity intelligence firms have flagged active Chinese hacking groups plugging away at lingering VMware and F5 flaws for months, targeting secure government and enterprise systems across the US and Europe. Sygnia and Check Point—two of my favorite threat trackers—confirmed these were coordinated espionage exercises, not smash-and-grab jobs. And for those following the action, the group dubbed “Salt Typhoon” slipped into National Guard networks, exfiltrating system configurations. Experts are calling this a serious escalation, hinting the US military is now operating under the assumption that all force networks could be compromised for the foreseeable future.
Naturally, CISA and the FBI are sprinting to keep up. Today saw a volley of emergency alerts from the agencies, urging all organizations running on-premises SharePoint, VMware, or F5 appliances to patch NOW—yeah, stop your coffee breaks. CISA even rolled out the new Thorium platform, an open-source malware analysis suite, to help defenders get forensic visibility in real time.
But don’t lose the plot: while the US is on the defensive, China is spinning its own tale, accusing Uncle Sam of using a Microsoft Exchange bug to run espionage ops against Chinese military companies. The Cyber Security Association of China, straight from the Cyberspace Administration, claims US-linked actors breached military targets for almost a year, pointing to two “major” attacks. Of course, Microsoft claps back—remember the 2023 hack where Chinese operatives rifled through senior US officials’ mailboxes via Exchange vulnerabilities? The blame game is Olympic-level now.
Timeline-wise, the escalation has been rapid: late last week—National Guard breach; over the weekend—SharePoint zero-days disclosed; Monday—DHS confirms impact; today—global agencies on patch overdrive, CISA launches Thorium, and a storm of mutual recriminations hits diplomatic wires.
The question looming over all of us: Will these attacks stay cyber-espionage, or is there potential for sabotage, system lockouts, or even kinetic escalation? If the trend holds, expect more emergency directives, higher-level declassification of threat intel, and, let’s be honest, a lot more midnight pizza for blue team analysts everywhere.
That’s all from me—Ting—your techie-in-chief, tracking China and cyber. Thanks for tuning in, and don’t forget to subscribe for the latest. This has been a Quiet Please production; for more, check out quietplease.ai.