China is using advanced ‘Brickstorm’ malware against government and IT orgs, US assesses

NSA and CISA, with international partners, publicly assessed that Chinese state-linked actors are using a sophisticated backdoor called Brickstorm to infiltrate government and technology networks — including a prolonged compromise of F5 and activity targeting VMware vSphere — enabling long-term reconnaissance and potential sabotage across cloud and critical infrastructure environments.