Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue.

The Chinese nation-state threat group intruded five additional telecom networks between December and January, including two unnamed providers in the U.S., Recorded Future researchers said.

Known as Glutton, researchers at QiAnXin’s XLab believe Winnti is responsible for the malware.

The vulnerability used in the attack against the federal agency is well-known and among the top exploits in 2021.

Twitter confirmed Friday that a bad actor used a vulnerability to match private information with potentially anonymous Twitter accounts.

The breach is separate from the SolarWinds fallout and had not been previously publicly disclosed.

The details are part of an effort to help defend critical infrastructure "and our democratic values and institutions," a spokesperson said.

Cybersecurity executives have compared the safe havens that some governments provide cybercriminals today with 17th century piracy.

"He recognizes he’s not a cyber expert, but he goes to those who help him make informed decisions," said Greg Touhill, a former senior DHS official.

Cyber Command has a graphics company on hand to mock foreign hackers.