Archive - Natto Thoughts

When Privileged Access Falls into the Wrong Hands: Chinese Companies in Microsoft’s MAPP Program

Chinese companies face conflicting pressures between MAPP’s non-disclosure requirements and domestic policies that incentivize or mandate vulnerability…

Jul 31 •

Eugenio Benincasa

,

, and

HAFNIUM-Linked Hacker Xu Zewei: Riding the Tides of China’s Cyber Ecosystem

How one man’s career reveals the interconnected web of China’s state security apparatus, cybersecurity firms, and strategic industries

Jul 23 •

Pick Your Innovation Path in AI: Chinese Edition

China’s advances in AI show the effects of a state approach of “introduce, digest, absorb, re-innovate” and years of debate on the balance between…

Jul 9 •

June 2025

Butian Vulnerability Platform: Forging China's Next Generation of White Hat Hackers

From 'Trouser Belt Project' to 'Patching the Sky': Qi An Xin’s Butian platform serves as cradle for nurturing new talent and smelter for refining…

Jun 25 •

Defense-Through-Offense Mindset: From a Taiwanese Hacker to the Engine of China’s Cybersecurity Industry

The belief that offense enables defense in cyberspace, first rooted in China’s 1990s hacker culture, has since permeated the country’s cyber ecosystem

Jun 11 •

Eugenio Benincasa

May 2025

From Humble Beginnings: How a Vocational College Became a Vulnerability Powerhouse

Qingyuan Polytechnic's focus on vulnerability studies highlights China's continued efforts in gathering vulnerability resources

May 28 •

From the World of “Hacker X Files” to the Whitewashed Business Sphere

Jiang Jintao’s journey from hacker to infosec entrepreneur illustrates the blend of ambition, skill, and changes in China's cybersecurity industry

May 14 •

April 2025

Wars without Gun Smoke: China Plays the Cyber Name-and-Shame Game on Taiwan and the U.S.

China’s security services have called out hackers of an alleged “Internet Army of Taiwan Independence” and of the U.S. National Security Agency…

Apr 16 •

Eugenio Benincasa

and

Indictments and Leaks: Different but Complementary Sources

A case study of the i-SOON indictment and leaks reveals that source information may vary but it is important to compare and evaluate information for…

Apr 2 •

March 2025

Zhou Shuai: A Hacker’s Road to APT27

US-sanctioned, allegedly APT27-associated actor Zhou Shuai represents a group of Chinese elite hackers who have become an important resource for Chinese…

Mar 19 •

Where is i-SOON Now?

i-SOON’s business struggles after the leak reflect the cruel reality of China’s hacker-for-hire industry

Mar 5 •

February 2025

The Pangu Team—iOS Jailbreak and Vulnerability Research Giant: A Member of i-SOON’s Exploit-Sharing Network

A year after the i-SOON leaks, a deep dive into the Pangu Team reveals new insight into the relationships between elite vulnerability researchers and…

Feb 19 •

Eugenio Benincasa

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts