Cyber Security News

Hacking Editorial Brief – April 28, 2026

Chinese State-Backed Hacker Extradited Over COVID-19 Research Theft

Italy has extradited Chinese national Xu Zewei, 34, to the United States to face charges related to hacking U.S. universities and government entities to steal COVID-19 vaccine research during the pandemic. U.S. prosecutors allege Xu was involved in the HAFNIUM computer intrusion campaign, which compromised thousands of computers worldwide between 2020 and 2021. The case represents a significant law enforcement action against alleged state-sponsored cyber espionage targeting critical health research during a global crisis. HAFNIUM, a known advanced persistent threat group, has previously been attributed to Chinese state-backed operations focusing on intellectual property theft from research institutions.

Medical Device Giant Medtronic Discloses Breach; ShinyHunters Claims Responsibility

Medtronic has reported to federal authorities that cybercriminals breached its corporate IT systems, though the company states medical device operations were not affected. The prolific threat actor ShinyHunters has claimed responsibility for the attack, allegedly using phishing tactics to compromise the systems and steal over 9 million records containing personally identifiable information. Meanwhile, ShinyHunters is also linked to a separate breach at ADT, where the group reportedly obtained data on 5.5 million customers through phishing operations. Additionally, Israeli users have received threatening WhatsApp messages in what appears to be a psychological warfare campaign attributed to Iranian threat actor group Handala, following their established pattern of combining cyberattacks with intimidation tactics.

Sources: GovInfoSecurity · Al Jazeera · Nextgov · Mashable · JPost