LIMINAL PANDA: China’s Emerging Espionage Threat in the Semiconductor and Technology Sectors

LIMINAL PANDA is a suspected China-nexus cyber‑espionage actor targeting semiconductors, AI, and defense R&D using spearphishing, cloud credential and OAuth abuse, supply‑chain compromise, and malware such as PlugX and ShadowPad; the report describes their evolution toward cloud‑native persistence, multi-vector campaigns across East Asia, Southeast Asia, Europe and the West (2022–2025), the strategic implications for IP and national security, and recommended mitigations (MFA, conditional access, email/endpoint protections, threat hunting, and supply‑chain assurance).