U.S. Justice Department Announces Arrest of Prolific Chinese State-Sponsored Contract Hacker


China’s Ministry of State Security Directed the Theft of COVID-19 Research and the Exploitation of Microsoft Exchange Server Vulnerabilities, Known Publicly as the Indiscriminate ‘HAFNIUM’ Intrusion Campaign

The Justice Department announced today that Xu Zewei (徐泽伟), 33, of the People’s Republic of China was arrested on July 3 in Italy at the request of the United States.

Xu and his co-defendant, PRC national Zhang Yu (张宇), 44, are charged in a nine-count indictment, unsealed today in the Southern District of Texas, for their involvement in computer intrusions between February 2020 and June 2021, including the indiscriminate HAFNIUM computer intrusion campaign that compromised thousands of computers worldwide, including in the United States. Xu was arrested in Milan, Italy, and will face extradition proceedings.

Source: U.S. Department of Justice

