Archive - Natto Thoughts

Knownsec: The King of Vulnerability Missed Three Vulnerabilities of Its Own

The leak incident involving Chinese cybersecurity firm Knownsec shows the company’s seemingly transparent crisis management strategy and underscores its…

Dec 3 •

November 2025

China’s Cybersecurity Companies Advancing Offensive Cyber Capabilities Through Attack-Defense Labs

Private-sector attack-defense labs form a core pillar of how China builds, sustains, and operationalizes cyber capability for commercial purposes and…

Nov 19 •

Eugenio Benincasa

and

A Researcher Came Knocking, and Taught China a Lesson in How to Manage Vulnerabilities -- and Researchers

A TCL TV vulnerability disclosure drove home the message: to protect its economic and political clout, China must heed global vulnerability researchers…

Nov 5 •

October 2025

Beyond the Aliases: Decoding Chinese Threat Group Attribution and the Human Factor

Examining the overlap between APT27, HAFNIUM, and Silk Typhoon through recent U.S. government disclosures, and why understanding the humans behind the…

Oct 22 •

China’s Vulnerability Research: What’s Different Now?

China’s bug-hunting scene is maturing - more players, bigger prizes, tighter structure, and a growing focus on domestic products, driven by profit…

Oct 8 •

Eugenio Benincasa

and

September 2025

Who is Salt Typhoon Really? Unraveling the Attribution Challenge

How overlapping APT groups and Chinese companies complicate attribution in state cyber operations

Sep 24 •

Salt Typhoon: New Joint Advisory Offers a Beacon Through the Storm but Stirs Up New Questions

Analysis of newly identified Salt Typhoon-linked companies casts light on the complex ecosystem of front companies and real businesses supporting…

Sep 10 •

August 2025

No Ranges, No Bounties, No Contests: Forging Offensive Capabilities in China’s 2000s Hacker Scene

China’s early hacking training grounds weren’t classrooms or hacking contests, but online forums, real-world targets, and freely shared offensive tools…

Aug 27 •

Eugenio Benincasa

Few and Far Between: During China’s Red Hacker Era, Patriotic Hacktivism Was Widespread—Talent Was Not

Inside the small, elite circles that powered China’s massive hacker communities in the late 1990s and 2000s.

Aug 13 •

Eugenio Benincasa

July 2025

When Privileged Access Falls into the Wrong Hands: Chinese Companies in Microsoft’s MAPP Program

Chinese companies face conflicting pressures between MAPP’s non-disclosure requirements and domestic policies that incentivize or mandate vulnerability…

Jul 31 •

Eugenio Benincasa

,

, and

HAFNIUM-Linked Hacker Xu Zewei: Riding the Tides of China’s Cyber Ecosystem

How one man’s career reveals the interconnected web of China’s state security apparatus, cybersecurity firms, and strategic industries

Jul 23 •

Pick Your Innovation Path in AI: Chinese Edition

China’s advances in AI show the effects of a state approach of “introduce, digest, absorb, re-innovate” and years of debate on the balance between…

Jul 9 •

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts