Sophos has revealed a detailed account of five years of cyber espionage activities linked to Chinese threat actors targeting network devices worldwide. The cybersecurity firm employed surveillance implants on its own devices to capture the hackers in action, providing insights into China's research and development pipeline of intrusion techniques. One notable actor, identified as EmeraldWhale, was observed running a global operation targeting exposed Git configurations, resulting in the theft of over 15,000 cloud service credentials, according to Sysdig. Additionally, Chinese threat actors have been using the Quad7 botnet in password-spray attacks, reported by Security Affairs.