Archive - Natto Thoughts

i-SOON: Another Company in the APT41 Network

A lawsuit casts light on the ecosystem of IT companies related to Chengdu 404, the company allegedly behind Chinese state-sponsored hacking group APT41.

Oct 27, 2023 • Natto Team

Salt Typhoon: the Other Shoe Has Dropped, but Consternation Continues

Sichuan Juxinhe, directly involved in the Salt Typhoon cyber operations, resembles a front company of the Chinese Ministry of State Security

Jan 22, 2025 • Natto Team

China’s Vulnerability Research: What’s Different Now?

China’s bug-hunting scene is maturing - more players, bigger prizes, tighter structure, and a growing focus on domestic products, driven by profit…

Oct 8, 2025 • Eugenio Benincasa and Natto Team

When Privileged Access Falls into the Wrong Hands: Chinese Companies in Microsoft’s MAPP Program

Chinese companies face conflicting pressures between MAPP’s non-disclosure requirements and domestic policies that incentivize or mandate vulnerability…

Jul 31, 2025 • Eugenio Benincasa, Dakota Cary, and Natto Team

Defense-Through-Offense Mindset: From a Taiwanese Hacker to the Engine of China’s Cybersecurity Industry

The belief that offense enables defense in cyberspace, first rooted in China’s 1990s hacker culture, has since permeated the country’s cyber ecosystem

Jun 11, 2025 • Eugenio Benincasa

The Many Arms of the MSS: Why Provincial Bureaus Matter in China’s Cyber Operations

Provincial bureaus of the Chinese Ministry of State Security likely operate with their own tasking priorities, resources, and local ecosystems for cyber…

Dec 16, 2025 • Eugenio Benincasa and Natto Team

Flax Typhoon-Linked Company Integrity Technology: a Competitor, Business Partner and Client of i-SOON

First i-SOON, then Integrity Tech: How many more Chinese information security companies lie behind Chinese state cyber threat campaigns?

Sep 25, 2024 • Natto Team

Matrix Cup: Cultivating Top Hacking Talent, Keeping Close Hold on Results

Matrix Cup aligns with China’s strategy to enhance its offensive and defensive cyber capabilities by increasing the volume of vulnerabilities available…

Jul 24, 2024 • Eugenio Benincasa and Natto Team

China’s Cybersecurity Companies Advancing Offensive Cyber Capabilities Through Attack-Defense Labs

Private-sector attack-defense labs form a core pillar of how China builds, sustains, and operationalizes cyber capability for commercial purposes and…

Nov 19, 2025 • Eugenio Benincasa and Natto Team

The Red Dragon Searches for Pearls Through Quantum Tunneling – But You’ve Got the Wrong Paper

A September paper, soon hushed up, shows Chinese researchers may have discovered a class of quantum-annealing algorithm capable of attacking…

Oct 22, 2024 • Natto Team

The Pangu Team—iOS Jailbreak and Vulnerability Research Giant: A Member of i-SOON’s Exploit-Sharing Network

A year after the i-SOON leaks, a deep dive into the Pangu Team reveals new insight into the relationships between elite vulnerability researchers and…

Feb 19, 2025 • Eugenio Benincasa

Sichuan Silence Information Technology: Great Sounds are Often Inaudible

Formerly very public, Sichuan Silence has gone quiet since 2020; but as part of a circle of Chengdu-based jack-of-all-trades infosec companies, it…

Dec 4, 2024 • Natto Team

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts