Chinese state-sponsored hacking groups APT41 and APT31 have been implicated in recent cyber espionage and cyberattack campaigns targeting government entities. APT41 exploited Google Calendar as a command-and-control (C2) channel to operate malware known as TOUGHPROGRESS, enabling stealthy command transmission and data exfiltration from infected systems. Google confirmed that this technique was used to infect government agencies, with its Threat Intelligence Group developing countermeasures against the activity. Separately, the Czech Republic accused APT31, linked to China’s Ministry of State Security, of conducting a cyberattack on an unclassified network of its Ministry of Foreign Affairs since 2022. Multiple Czech security agencies expressed a high degree of certainty that Beijing was behind the malicious campaign, which drew condemnation from Western governments and the European Union. In related law enforcement actions, the U.S. Department of Justice, in coordination with Microsoft and global partners, dismantled infrastructure tied to the LummaC2 info-stealer malware by seizing five key domains and over 2,300 associated sites, disrupting downstream cybercriminal activities. Additionally, an international operation named Operation Endgame led by the FBI and other agencies seized 300 servers, took down 650 domains, and indicted 20 individuals involved in cybercrime, including a software crypting syndicate that helped malware evade antivirus detection. These developments highlight ongoing global efforts to counter sophisticated cyber threats linked to Chinese state-backed groups and other cybercriminal networks.