Ting's Cyber Tea: China's Spicy Router Hack Stuns U.S. as Feds Scramble to Patch Gaping Holes
Episode Synopsis
This is your China Hack Report: Daily US Tech Defense podcast.

Hang tight, listeners—Ting here, your go-to for all things China, cyber, and hacking with a touch of sass. We're cutting straight to the chase because the last 24 hours have thrown the U.S. tech defense world into the cyber equivalent of DEFCON 2.

The hottest chatter across threat feeds is Operation WrtHug, which SecurityScorecard just flagged as a China-linked APT campaign. Thousands of ASUS WRT routers—yes, those little boxes powering your home offices—are compromised globally. The hackers exploited a cocktail of legacy flaws, mostly targeting outdated router firmware and the AiCloud service. That means mass persistence and easy remote control. Of course, the beauty—or horror—of it lies in its stealth: self-signed TLS certificates with a 100-year expiration, suggesting the attackers want a long-term spy perch. The majority of infected gear is in Taiwan, but plenty sit inside American homes and businesses. Security teams are scrambling to get everyone to update or, better yet, retire any end-of-life networking kit.

Today's new malware, codenamed by analysts as "WrtHug Loader," is custom-built for persistence and lateral movement. It spreads via hijacked software updates—a favorite trick these days, tracked by BankInfoSecurity. In fact, there are at least 10 active China-aligned APTs hijacking legitimate updates and pushing bad code via DNS redirection. So if your update server starts acting weird, shut it down—stat.

Sectors under the microscope: telecom and OT (operational tech). Salt Typhoon is still making the rounds, described by Senator Ben Ray Lujan as "the largest telecommunications hack in our nation's history." This campaign compromised nine major U.S. carriers—think Verizon, AT&T, and Lumen—and allowed adversaries to geolocate, intercept, and record calls plus text metadata. That's not just cybercrime; it's digital espionage, at national scale.
Not to mention the Army National Guard network also got popped.

CISA and the FBI have dropped new advisories in emergency mode. There's a critical OS command injection warning for Fortinet FortiWeb—patch it or unplug. Also, a remote code execution flaw in the trusty 7-Zip archiver, now tracked as CVE-2025-11001, is being exploited in the wild. Admins, get those updates deployed yesterday.

Congress is joining the fight, passing the Strengthening Cyber Resilience Against State-Sponsored Threats Act as well as the PILLAR Act, both aimed at reinforcing national and local cyber defenses against China's increasingly sophisticated campaigns. The federal government is urged to coordinate across agencies, with Representative Andy Ogles and Chairman Garbarino declaring America First cybersecurity an urgent mission.

If you're wondering what to do right now: patch everything, especially routers and Fortinet gear. Check that no traffic is being funneled through odd DNS servers or proxy gateways. Segment your networks. And if your equipment is too old to be updated, it's time for some e-waste recycling.

Thanks for tuning in with me, Ting, for today's China Hack Report. Don't forget to subscribe so you never miss an update. This has been a Quiet Please production; for more, check out quiet please dot ai.

For more: http://www.quietplease.ai

This content was created in partnership and with the help of Artificial Intelligence (AI).
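The WrtHug indicator mentioned above (a self-signed router certificate with a roughly 100-year lifetime) is easy to screen for once you have the certificate's subject, issuer and validity dates. The following is an added example, not code from the podcast or from SecurityScorecard; it works on the dictionary shape that Python's `ssl.SSLSocket.getpeercert()` returns, the ten-year sanity threshold is an assumption, and the two sample certificates are constructed for illustration.

```python
import ssl

# Assumed threshold: ordinary device certificates run a few years at most,
# while the reported WrtHug certificates were valid for about a century.
MAX_SANE_VALIDITY_DAYS = 10 * 365


def _rdn_to_dict(rdn_tuple):
    """Flatten the nested tuple form ssl.getpeercert() uses for subject/issuer."""
    out = {}
    for rdn in rdn_tuple:
        for key, value in rdn:
            out[key] = value
    return out


def assess_certificate(cert: dict) -> dict:
    """Flag a certificate (getpeercert() dict form) that is self-signed and overly long-lived."""
    subject = _rdn_to_dict(cert.get("subject", ()))
    issuer = _rdn_to_dict(cert.get("issuer", ()))
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    validity_days = (not_after - not_before) / 86400
    findings = {
        "self_signed": subject == issuer,          # issuer equals subject
        "validity_days": round(validity_days),
        "excessive_validity": validity_days > MAX_SANE_VALIDITY_DAYS,
    }
    # Both traits together match the long-lived self-signed certificate described in the report.
    findings["suspicious"] = findings["self_signed"] and findings["excessive_validity"]
    return findings


# Constructed samples in the getpeercert() shape (not real captures).
SAMPLE_ROUTER_CERT = {
    "subject": ((("commonName", "router.local"),),),
    "issuer": ((("commonName", "router.local"),),),
    "notBefore": "Nov 19 00:00:00 2025 GMT",
    "notAfter": "Nov 19 00:00:00 2125 GMT",   # 100-year lifetime
}

SAMPLE_VENDOR_CERT = {
    "subject": ((("commonName", "router.local"),),),
    "issuer": ((("commonName", "Vendor Device CA"),),),
    "notBefore": "Nov 19 00:00:00 2025 GMT",
    "notAfter": "Nov 19 00:00:00 2027 GMT",   # 2-year lifetime
}

if __name__ == "__main__":
    for name, cert in (("router", SAMPLE_ROUTER_CERT), ("vendor", SAMPLE_VENDOR_CERT)):
        print(name, assess_certificate(cert))
```

Feed it the dict from `getpeercert()` on a verified connection, or build the same dict from `openssl x509 -noout -subject -issuer -dates` output, and treat a `suspicious` hit on a router's management interface as a reason to reflash or retire the device.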