We’re proud Synapse is playing a part in the hands-on workshop at @ccdcoe #CyCon2026 with @lawsecnet.counterintelligence.pl, @euben.bsky.social, and Jiro Minier:

“Threat Actors Can Do Public-Private Partnership Too”

Faux Amis: How France Stands Apart in Europe’s High-Risk University Cyber Partnerships with China France hosts the EU’s densest cluster of cyber partnerships with Chinese defense-linked universities, raising exposure to dual-use knowledge transfer, EU funding access, and institutional influence

France hosts the EU’s densest cluster of cyber partnerships with Chinese defense-linked universities, raising exposure to dual-use knowledge transfer, EU funding access, and institutional influence. New Natto Thoughts’ piece from @euben.bsky.social

www.nattothoughts.com/p/faux-amis-...

Europe forgets its bug hunters at its own peril Without safe harbour for independent vulnerability researchers, Europe risks discouraging the reporting its disclosure regime needs

Europe is building stronger systems to report vulnerabilities, but it risks overlooking the people who discover the flaws first: independent security researchers, write @euben.bsky.social and Max van der Horst:

bindinghook.com/europe-forge... #EUcybersecurity

The Tianfu Cup Returns Under MPS Leadership as AI Takes Center Stage After a two-year hiatus, the Tianfu Cup returns under MPS lead, combining AI-assisted vulnerability discovery and exploitation, a new competition track, and less transparency in vulnerability handling

The Tianfu Cup is back this year. See the analysis of the event by Eugenio @euben.bsky.social published today on Natto Thoughts.

www.nattothoughts.com/p/the-tianfu...

Provincial Tasking, Cross-Provincial Execution: A Case-Based Look at How China Scales Cyber Operations How decentralized MSS and MPS tasking and market-enabled, cross-provincial execution by commercial firms shape the scale of China’s cyber operations

We continue exploring provincial level’s involvement in cyber operations. See details in analysis by @euben.bsky.social

www.nattothoughts.com/p/provincial...

The Many Arms of the MSS: Why Provincial Bureaus Matter in China’s Cyber Operations Provincial bureaus of the Chinese Ministry of State Security likely operate with their own tasking priorities, resources, and local ecosystems for cyber operations

In this post, @euben.bsky.social and the Natto Team assess that provincial bureaus of the Chinese Ministry of State Security likely operate with their own tasking priorities, resources, and local ecosystems for cyber operations.

nattothoughts.substack.com/p/the-many-a...

Few and Far Between: During China’s Red Hacker Era, Patriotic Hacktivism Was Widespread—Talent Was Not Inside the small, elite circles that powered China’s massive hacker communities in the late 1990s and 2000s.

@euben.bsky.social Eugenio’s research explains the elite cyber talent paradox in China - “all people are soldiers” vs “extremely lean.”

#Cybersecurity #TalentPipeline #CyberOperations

nattothoughts.substack.com/p/few-and-fa...

Can’t wait for this :)

When Privileged Access Falls into the Wrong Hands: Chinese Companies in Microsoft’s MAPP Program Chinese companies face conflicting pressures between MAPP’s non-disclosure requirements and domestic policies that incentivize or mandate vulnerability disclosure to the state.

Available here: nattothoughts.substack.com/p/when-privi...

Microsoft is probing whether a MAPP leak let Chinese hackers exploit a SharePoint vuln pre-patch.

In this new piece for Natto,
@dakotaindc.bsky.social, @meidanowski.bsky.social & I dig into:
🏛️ China's vuln reporting rules
📉 Which firms joined/left MAPP since 2018
⚠️ The risks today’s members pose

Microsoft Probing If Chinese Hackers Learned of Flaws Via Alert Microsoft Corp. is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, acc...

New: Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in SharePoint before they were patched, enabling a global campaign of cyberattacks, according to people familiar: www.bloomberg.com/news/article...

Hooked! #5: A series of new reports and research shows that China’s tech sector is on the offense A series of new reports and research shows that China’s tech sector is on the offense

In the latest Hooked!, editor @katharinegk.bsky.social ties together some fascinating recent research from @benread.bsky.social , @euben.bsky.social, @winnona.bsky.social, and others on private sector elements of Chinese offensive cyber: bindinghook.com/articles-hoo...

Before Vegas: The “Red Hackers” Who Shaped China’s Cyber Ecosystem This CSS Cyberdefense report by Eugenio Benincasa examines how a core group of red hackers from the 1990s and 2000s laid the groundwork for China’s modern cyber capabilities and traces their trajector...

css.ethz.ch/en/center/CS...

Before Vegas – The “Red Hackers” Who Shaped China’s Cyber Ecosystem (Center for Security Studies at ETH Zürich): css.ethz.ch/content/dam/...

6/ Sincerely grateful to the all-star team of experts who shared their insights and feedback: Scott Henderson (Google Mandiant), Adam Kozy (SinaCyber), @meidanowski.bsky.social (@nattothoughts.bsky.social), @thegrugq.bsky.social, @Chris St.Myers (SentinelOne), & Charles Li and Zha0 (TeamT5)

5/ The key lesson: what begins in anonymous forums can end in boardrooms and on digital battlefields. Overlooking civilian hacking talent is a strategic risk.

How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies A new report traces the history of the early wave of Chinese hackers who became the backbone of the state's espionage apparatus.

@kimzetter.bsky.social's excellent piece for Wired unpacks the state-linked side of the story, covering the report and Adam Kozy’s research: www.wired.com/story/china-...

3/ Some Red 40 hackers have carried out operations on behalf of China’s military and intelligence services. Their informal networks, formed during their teens or twenties as members of the same hacking groups, exemplify tool sharing and collab that underpins China’s APTs MO.

2/ It identifies 40 prominent red hackers — “The Red 40” — who shaped China’s cyber ecosystem from the ground up. It tells the story of how these individuals transitioned from online forums to becoming part of a tightly integrated ecosystem.

Full report:
css.ethz.ch/en/center/CS...

1/ China’s cyber capabilities didn’t start top-down, they started with raw hacking talent. The new CSS/ETH report "Before Vegas" traces how informal talent shaped China’s cyber ecosystem, moving from online forums to industry leaders (link in thread).

haha haven't spent too much time around here

Thank you 🙏 really appreciate it!

Thank you! I’d definitely add Alex Josie’s “Spies and Lies” to the book list

Thank you! Looking forward to hearing your thoughts on it

Fully agree, Patrick. I also love his work. He was very kind to review the report and provide feedback before publication 😊

How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyber Spies A new report traces the history of the early wave of Chinese hackers who became the backbone of the state's espionage apparatus.

How did China's top APT hackers come to be? Many were early "Honkers" - patriotic hackers who in late 90s launched low-skill cyberattacks against nations deemed disrespectful to China. But once Honkers developed their skills, PLA/MSS came calling. Based on great research by bsky.app/profile/eube...

Pick Your Innovation Path in AI: Chinese Edition China’s advances in AI show the effects of a state approach of “introduce, digest, absorb, re-innovate” and years of debate on the balance between market-driven innovation and state-led development

How has China advanced its AI development to its current state? No single innovation path in AI can be considered definitive.

nattothoughts.substack.com/p/debating-c...

America is coming after Chinese it accuses of hacking Xu Zewei was arrested in Milan on July 3rd

I wrote on the arrest in Italy of Xu Zewei, an alleged Chinese hacker, perhaps the first case where America has sought to extradite a Chinese hacker for mainly or exclusively cyber operations—in this case theft of Covid research during the pandemic. www.economist.com/china/2025/0...

Mobilizing Cyber Power: The Growing Role of Cyber Militias in China’s Network Warfare Force Structure This report examines how China’s cybersecurity industry fields reserve and militia units in support of the PLA and national mobilization system.

“alignment with CCP priorities offers privileged access to state resources, regulatory favor, and expanded commercial opportunities [to hackers]."

NEW Phenomenal report on Chinese civil military fusion and cyber militias by Kieran Green: margin.re/mobilizing-c...

Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace If the United States wishes to compete in cyberspace, it must compete against China to secure its offensive cyber supply chain.

🚨 NEW PAPER on the 0day Supply Chain 🚨:
I gathered open source data & interviewed Gov employees, VR and china researchers to figure out what the zero day marketplace looks like in the U.S. and how it compares to China.

key findings below ⬇️- 0/🧵 
www.atlanticcouncil.org/in-depth-res...