Xu Zewei was allegedly directed by China’s intelligence services to conduct a sweeping espionage campaign to steal data on COVID-19 research and other U.S. policy interests.

Some attackers, which researchers link to The Com, have swatted company executives to increase leverage and pressure victims to pay their ransom demands.

Eran Haggiag, CEO & Founder, Glide Identity

The company said it found more evidence of compromise across its customer base. Exposure, which has yet to be defined, poses significant downstream risk.

Investigators found the malware, dubbed Firestarter, on a federal agency's network in a campaign dating back to at least September 2025.

Researchers said it’s the first-ever mapping of attack traffic to mobile operator signalling infrastructure.

The joint warning describes a major tactical shift by Chinese-linked hackers and lays out what organizations should do about it.

Angelo Martino helped accomplices extort a combined $75.3 million in ransom payments from five victim companies.

Google’s highest security setting for its agents runs command operations through a sandbox and throttles network access, but is still vulnerable to prompt injection.

The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.