Italy is moving to extradite a Chinese national to the U.S. for alleged cyber-espionage targeting COVID-19 vaccine and treatment research between 2020 and 2021. The individual, arrested in 2025, is accused of conducting hacking operations against universities and researchers and is linked to the state-backed group Hafnium/Silk Typhoon. The case highlights the persistent threat of nation-state actors targeting sensitive biomedical intellectual property.
Data Security , Security Operations , Threat Intelligence Italy moves to extradite Chinese national to U.S. over alleged COVID-19 research hacks April 28, 2026 Share By SC Staff (Adobe Stock) According to Security Affairs, Italy is preparing to extradite Xu Zewei, a Chinese national arrested in 2025, to the United States to face charges of cyber-espionage. The U.S. authorities requested the extradition based on allegations that Xu was involved in hacking operations targeting sensitive research, particularly related to COVID-19 vaccines and treatments. Italian police arrested Xu at Milan's Malpensa Airport in July 2025 on a U.S. warrant. Prosecutors allege that Xu targeted universities and researchers working on COVID-19 vaccines, treatments, and testing between 2020 and 2021. He is also linked to a state-backed hacking group, identified as Hafnium or Silk Typhoon, which has been associated with attacks against U.S. government entities, including the U.S. Treasury. The FBI specifically seeks Xu for his alleged role in espionage operations targeting COVID vaccine research at the University of Texas. Xu's family maintains his innocence, stating he is an IT technician and manager. Source: Security Affairs SC Staff Related Data Security AI coding agent deletes production database in seconds SC Staff April 28, 2026 An AI coding agent, Cursor running Anthropic's Claude Opus 4.6, deleted PocketOS's production database and all volume-level backups in a single API call to infrastructure provider Railway. Data Security Trust or fail: AI unlocks the value of unstructured data but raises new challenges for AI success Paul Wagenseil April 28, 2026 Agentic AI can't succeed without trust, and trust begins with mapping how data is accessed, used, and protected. Data Security Malicious elementary-data package version 0.23.3 steals developer data and cryptocurrency wallets SC Staff April 28, 2026 The attack exploited a GitHub Actions script injection flaw, allowing the attacker to inject shell code that exposed a GitHub token. Related Events Cybercast Beyond the Hype: The Cybersecurity Trends CISOs are Keeping an Eye on in 2026 On-Demand Event Cybercast Beyond the data perimeter: Why next-generation DSPM is the foundation for modern data security On-Demand Event Virtual Conference Securing the Future of Finance: Strategies to Counter Modern Cyber Threats On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Backdoor Blue Team Brute Force Cipher Distributed Scans Drive-by Download DumpSec Hybrid Attack Password Cracking Reconnaissance You can skip this ad in 5 seconds