A Chinese state-sponsored spear-phishing campaign successfully targeted NASA employees and collaborators, using impersonation of a U.S. researcher to gain access to sensitive data and proprietary software. The campaign, attributed to a Chinese national, employed sophisticated social engineering tactics, including requests for unusual payment methods and abrupt changes to terms, to mask identities and evade restrictions. This incident underscores the persistent threat of advanced persistent threat (APT) groups using tailored phishing to compromise high-value targets.
Government security , Threat Intelligence , Phishing Chinese spear-phishing campaign targets NASA employees April 28, 2026 Share By SC Staff NASA had its employees and research collaborators reported by its Office of Inspector General to have been subjected to a Chinese spear-phishing campaign aimed at procuring the agency's sensitive data, The Hacker News reports. Involved in the campaign was Chinese national Song Wu, who masqueraded as a U.S. researcher to dupe NASA workers into providing access to proprietary software, according to the OIG. Wu, an engineer at the Chinese state-owned Aviation Industry Corporation of China, had already been indicted by the U.S. Justice Department over his involvement in a sweeping phishing operation aimed at U.S. engineers, researchers, and professors between January 2017 and December 2021. "As phishing campaigns continue to become more sophisticated, there are common clues that can betray scammers and expose their export fraud schemes... Export control scammers also often suggest unusual payment methods (such as suspicious wire transfers); abruptly change the terms or source of payment; and use unconventional transfer methods to mask their identity and evade shipping restrictions," said the OIG. SC Staff Related Vulnerability Management Operating at the speed of the adversary Dr. Darren Death April 27, 2026 Why AI-powered vulnerability discovery makes modernizing your security practices and policies mandatory. AI/ML Chinese exploitation of US-made AI models to be quelled, Trump admin pledges SC Staff April 24, 2026 The U.S. was noted by White House Director of Science and Technology Policy Michael Kratsios to be working on quashing China's alleged large-scale distillation campaigns against U.S.-made AI models, The Associated Press reports. Malware CISA: Malware attack compromises US agency via Cisco exploit SC Staff April 24, 2026 Attacks weaponizing the Cisco Adaptive Security Appliance vulnerabilities, tracked as CVE-2025-20333 and CVE-2025-20362, were reported by the Cybersecurity and Infrastructure Security Agency to have successfully compromised a federal civilian executive branch agency with the FIRESTARTER malware in September, according to The Record, a news site by cybersecurity firm Recorded Future. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms DNS Spoofing Deauthentication Attack Defacement Dictionary Attack Distributed Scans Domain Hijacking Google Hacking Information Warfare Password Cracking Reconnaissance You can skip this ad in 5 seconds