From China with love (and Malware).

US Justice Department charges employees of Chinese IT contractor i-Soon. Silk Typhoon targets the IT supply chain for initial access. Chrome extensions that change shape. Attackers target airflow misconfigurations. LibreOffice vulnerability opens the door to script-based attacks. NSO group leaders face charges in spyware case. Today, our own Dave Bittner is our guest as he appeared on the Adopting Zero Trust podcast at ThreatLocker’s Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham. And turning $1B into thin air. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, our own Dave Bittner is in our guest spot as he appeared on the Adopting Zero Trust podcast at ThreatLocker’s Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham aka Dr. Zero Trust. Adopting Zero Trust is an ongoing conversation about the people and organizations adopting Zero Trust. You can catch the full episode here where Dave and Dr. Zero Trust weigh the difference between delivering refined news and raw perspective, hitting critical mass for AI, and the current political environment. Selected Reading US charges Chinese nationals in cyberattacks on Treasury, dissidents and more (The Record) Silk Typhoon targeting IT supply chain (Microsoft) Malicious Chrome extensions can spoof password managers in new attack (Bleeping Computer) Apache Airflow Misconfigurations Leak Login Credentials to Hackers (GB Hackers) LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL (GB Hackers) Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks (SecurityWeek) Catalan court says NSO Group executives can be charged in spyware investigation (TechCrunch) Former top NSA cyber official: Probationary firings ‘devastating’ to cyber, national security (CyberScoop) Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation (SecurityWeek) North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit (The Record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices