Archive - Natto Thoughts

A Researcher Came Knocking, and Taught China a Lesson in How to Manage Vulnerabilities -- and Researchers

A TCL TV vulnerability disclosure drove home the message: to protect its economic and political clout, China must heed global vulnerability researchers…

Nov 5 •

October 2025

Beyond the Aliases: Decoding Chinese Threat Group Attribution and the Human Factor

Examining the overlap between APT27, HAFNIUM, and Silk Typhoon through recent U.S. government disclosures, and why understanding the humans behind the…

Oct 22 •

China’s Vulnerability Research: What’s Different Now?

China’s bug-hunting scene is maturing - more players, bigger prizes, tighter structure, and a growing focus on domestic products, driven by profit…

Oct 8 •

Eugenio Benincasa

and

September 2025

Who is Salt Typhoon Really? Unraveling the Attribution Challenge

How overlapping APT groups and Chinese companies complicate attribution in state cyber operations

Sep 24 •

Salt Typhoon: New Joint Advisory Offers a Beacon Through the Storm but Stirs Up New Questions

Analysis of newly identified Salt Typhoon-linked companies casts light on the complex ecosystem of front companies and real businesses supporting…

Sep 10 •

August 2025

No Ranges, No Bounties, No Contests: Forging Offensive Capabilities in China’s 2000s Hacker Scene

China’s early hacking training grounds weren’t classrooms or hacking contests, but online forums, real-world targets, and freely shared offensive tools…

Aug 27 •

Eugenio Benincasa

Few and Far Between: During China’s Red Hacker Era, Patriotic Hacktivism Was Widespread—Talent Was Not

Inside the small, elite circles that powered China’s massive hacker communities in the late 1990s and 2000s.

Aug 13 •

Eugenio Benincasa

July 2025

When Privileged Access Falls into the Wrong Hands: Chinese Companies in Microsoft’s MAPP Program

Chinese companies face conflicting pressures between MAPP’s non-disclosure requirements and domestic policies that incentivize or mandate vulnerability…

Jul 31 •

Eugenio Benincasa

,

, and

HAFNIUM-Linked Hacker Xu Zewei: Riding the Tides of China’s Cyber Ecosystem

How one man’s career reveals the interconnected web of China’s state security apparatus, cybersecurity firms, and strategic industries

Jul 23 •

Pick Your Innovation Path in AI: Chinese Edition

China’s advances in AI show the effects of a state approach of “introduce, digest, absorb, re-innovate” and years of debate on the balance between…

Jul 9 •

June 2025

Butian Vulnerability Platform: Forging China's Next Generation of White Hat Hackers

From 'Trouser Belt Project' to 'Patching the Sky': Qi An Xin’s Butian platform serves as cradle for nurturing new talent and smelter for refining…

Jun 25 •

Defense-Through-Offense Mindset: From a Taiwanese Hacker to the Engine of China’s Cybersecurity Industry

The belief that offense enables defense in cyberspace, first rooted in China’s 1990s hacker culture, has since permeated the country’s cyber ecosystem

Jun 11 •

Eugenio Benincasa

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts