Dragon Weave Hit Taipei; Shangri-La Ranked AI
Czech Republic to Taiwan
The Dragon Weave campaign, attributed this week to a China-linked intrusion cluster by security researchers, targeted government-adjacent networks in the Czech Republic and Taiwan in the same reporting window. The pairing is not incidental. Czech BIS, the Security Information Service that serves as the country's domestic counterintelligence agency, named Chinese state-sponsored intrusion as a priority threat in its 2024 annual report. Taiwan needs no annotation here.
"China-linked" is the vendor attribution label. The campaign documentation calls the implant an "espionage tool"; the artifacts document a remote access capability designed for data exfiltration that avoids behavioral detection at the endpoint. The reporting does not specify dwell time or whether the primary target was government or financial sector. Dragon Weave is active in Taipei's government-adjacent networks this reporting window. A Hong Kong institution's cross-border payment rails run through the same segment.
The Summit's Wrong Register
The Shangri-La Dialogue, Asia's annual defense ministerial convened in Singapore, concluded this week with AI ranked above nuclear weapons in participant threat assessments. Read as a procurement signal, the ranking is coherent. The week's CVE advisories and active exploit chains are a different document.
Palo Alto's product documentation describes GlobalProtect, the company's remote network access product, as zero-trust network access (a security model in which no single credential determines interior access). GlobalProtect's authentication layer entered its second active exploit wave this week. Both sentences are accurate. The product page contains only the first.
A critical remote code execution flaw in Windows Netlogon, the authentication protocol governing trust relationships between Windows domain controllers, moved from disclosed to actively exploited in live attack chains this week. Domain controllers are the servers that manage identity across enterprise Active Directory environments; Active Directory is the identity infrastructure running across most financial-sector networks in Hong Kong and Singapore. A Hong Kong bank running Active Directory has a Netlogon patch to apply before the week ends. The Shangri-La communiqué names neither product.
Dragon Weave's documentation this week names the Czech Republic and Taiwan. It does not name the targeted sector or the intrusion vector. For a Hong Kong risk officer with cross-border exposure to Taiwan, sector determines whether the exposure is financial or governmental. That classification is not in the public release. It sits with the vendor who documented the campaign and the incident responders who worked it. Neither has published a technical advisory this week.