U.S. authorities probe malware-laden email targeting trade talks with China

🔎 Cyber Watch

U.S. authorities probe malware-laden email targeting trade talks with China

A fake email, apparently sent in July from Representative John Moolenaar, targeted U.S. trade groups, law firms, and government agencies. It contained malware linked to APT41, a hacker group with ties to Chinese intelligence. The FBI and U.S. Capitol Police are now investigating. The email’s timing—just before critical U.S.–China talks—suggests it sought insight into U.S. trade strategy. It remains unclear if the attack succeeded.

Takeaway: Even high-level political negotiations are now fair game for cyber espionage. Security teams must treat even seemingly routine emails as possible threats—especially when tied to sensitive events.

🎙️ Tech Briefing On‑Air

How CISOs influence the board on cyber and AI (ISF Podcast spotlight)

This ISF podcast episode examines how CISOs can become trusted advisors on cyber and AI risks. Karena Man from Korn Ferry stresses that CISOs need storytelling skills and cross-department collaboration to engage boards meaningfully. Boards should be part of processes—not just outcomes.

What It Means

Organizations that position CISOs as strategic advisors rather than technical gatekeepers can better anticipate cyber threats and AI risks. Board involvement in cybersecurity planning allows faster decision-making, clearer budget priorities, and a stronger security culture.

🤝 Partner Intel

ExaVault is an on-premises self-hosted FTP system that merges file storage and transfer into one streamlined solution. It supports FTP, SFTP, and FTP-SSL protocols, and works seamlessly across devices, platforms, and software. It includes robust security controls—like complex password standards, auto-expiring accounts, and data retention settings—and is trusted by companies of all sizes globally.

🤖 AI Runtime

Zero Trust + AI: Protecting What Firewalls Can't

Traditional firewalls and VPNs expose weaknesses in today’s AI-driven threat landscape. This video covers how a Zero Trust approach—combined with AI—can secure public AI use, preserve private AI integrity, and combat AI-powered ransomware and threats.

📊 By the Numbers

320

North Korea-linked groups have used generative AI to breach more than 320 companies. This makes agentic AI the newest attack surface.

🗳️ Your Tuesday Take

Cast your vote on our weekly poll.

What’s your top concern when securing AI-powered applications?

📩 We’ll share the results in the Friday issue.

🔗 Stay Connected

Until Wednesday’s edition - Let’s keep that zero-day count at zero!