This is your Tech Shield: US vs China Updates podcast.I’m Ting, and let’s jack straight into this week’s US‑China cyber showdown.The headline story is Senator Mark Warner warning that Chinese operators tied to the Salt Typhoon campaign are “still inside” US telecom networks, with access to unencrypted communications for potentially “almost every American.” According to Warner’s remarks reported by the Financial Times and Newsmax, the FBI is saying the networks are “pretty clean,” while other intel components insist the intrusions are ongoing, which tells listeners one thing: the defenders are not fully aligned, and China’s Ministry of State Security is loving that gap.On the defensive side, the US is scrambling to harden the stack. The NSA and CISA have been pushing advisories all week reminding carriers and cloud providers to lock down exposed edge devices that Salt Typhoon loves to pop. Huntress and other threat intel shops describe Salt Typhoon as a Chinese state‑sponsored APT focused on telecom and critical infrastructure, exploiting known but unpatched bugs in routers, VPNs, and web front ends. Translation: patch hygiene is still the weak link.Speaking of patches, CISA just blasted out an emergency directive on the new React2Shell flaw, CVE‑2025‑55182. Western Illinois University’s cybersecurity news feed and The Hacker News report that two China‑linked groups weaponized this React Server Components bug within hours of disclosure, and CISA ordered federal agencies to patch by December 12 or pull affected services off the internet. React shipped fixes in versions 19.0.1, 19.1.2, and 19.2.1, and Microsoft added its own round of 56 security fixes this week, including actively exploited Windows issues. That’s not just housekeeping; it’s the US trying to slam doors before Beijing’s operators can turn a web framework bug into a beachhead in .gov and defense contractors.At the strategic layer, the FCC’s ongoing push to “protect the nation’s communications systems from cybersecurity threats” has turned into concrete moves against high‑risk Chinese‑linked hardware in US networks, while the Department of Treasury has sanctioned entities tied to Salt Typhoon, and the FBI is literally offering a $10 million bounty for tips on that crew. That’s lawfare plus wallet‑warefare: make it painful to do Beijing’s bidding.Now, effectiveness check. The good news: faster advisories, coordinated patch deadlines, more aggressive sanctions, and bounties are raising the cost for Chinese operators. Industry is starting to respond with better default encryption, zero‑trust architectures, and AI‑assisted anomaly detection tuned specifically to PRC tradecraft.The bad news: Warner is right that the US telecom ecosystem is still a “hodgepodge” built for profit, not security. Replacing insecure hardware, ripping out legacy gear, and enforcing minimum security baselines will cost billions, and carriers are dragging their feet. While Washington argues budgets, Salt Typhoon keeps quietly living in the walls.So the tech shield is thicker than last year, but still full of legacy rust and political duct tape. Until encryption is ubiquitous, patching is near‑real‑time, and insecure gear is ripped out at scale, Chinese state hackers will keep finding seams to pry open.Thanks for tuning in, listeners, and don’t forget to subscribe for more deep dives with me, Ting. This has been a quiet please production, for more check out quiet please dot ai.For more http://www.quietplease.aiGet the best deals https://amzn.to/3ODvOtaThis content was created in partnership and with the help of Artificial Intelligence AI

Ver todos los episodios