Chinese Man Arrested in Milan Over Alleged Role in Cyberattacks on U.S. Targets
A 33-year-old Chinese national was arrested at Milan’s Malpensa Airport last week. Italian authorities detained him on a U.S. international warrant linked to one of the most persistent cyberespionage campaigns in recent years.
The man, identified as Xu Zewei, is accused of ties to the Silk Typhoon hacking group—an outfit U.S. authorities say has been quietly digging into sensitive government networks, research institutions, and vaccine developers since the height of the COVID-19 pandemic.
A Quiet Arrival, A Sudden Arrest
Xu landed in Milan on July 3rd on a flight from China, unaware that the Italian police were waiting.
According to Italian news agency ANSA, his arrest happened swiftly at passport control. The 33-year-old reportedly showed no resistance.
His detainment is tied to a U.S. extradition request. The charges? Alleged involvement with Silk Typhoon—also known in cybersecurity circles as Hafnium—a state-sponsored Chinese threat actor accused of waging digital warfare against Western institutions.
Now, Xu sits in a prison cell in Busto Arsizio, just outside Milan. The U.S. wants him transferred, fast.
Who or What Is Silk Typhoon?
The name might sound poetic, but there’s nothing soft about their methods.
Silk Typhoon has been a fixture in U.S. cybersecurity threat reports since at least 2020. They’re best known for allegedly exploiting Microsoft Exchange vulnerabilities to gain widespread access to U.S. organizations. But that was just the start.
Their goals are broad. They want information—specifically anything that could give China a scientific, political, or economic advantage.
Back in 2020, as the world scrambled to develop COVID-19 vaccines, Silk Typhoon allegedly went to work:
- Targeting infectious disease researchers
- Breaching healthcare and pharmaceutical companies
- Attempting to steal vaccine-related intellectual property
And they weren’t subtle about it. A joint advisory from U.S. federal agencies warned that foreign actors were attempting to “illicitly obtain valuable intellectual property and public health data.”
Attacks That Crossed Red Lines
Xu’s arrest comes at a time when Western officials have grown increasingly vocal about Chinese cyber operations.
Silk Typhoon isn’t just snooping on science labs anymore. They’ve widened their focus, hitting financial agencies and political institutions, too.
In recent years, they’ve been linked to:
- Attacks on the U.S. Treasury’s Office of Foreign Assets Control (OFAC)
- Breaches aimed at the Committee on Foreign Investment in the U.S.
- Complex supply chain attacks involving remote management software
Microsoft reported in March that Silk Typhoon had begun exploiting cloud services and IT management tools. The strategy? Hijack the tech providers, then quietly access their customers’ networks.
A Legal Fight That Could Get Political
Xu’s case is no ordinary criminal proceeding. It’s already being seen through a geopolitical lens.
U.S. officials allege he played a part in efforts to steal critical health and government data. But China’s government has long denied involvement in cyberattacks, accusing the U.S. of hypocrisy.
Italian courts will now weigh whether Xu should be extradited. That decision might not come quickly.
Extradition cases, especially those involving alleged state-sponsored activity, can drag on for months. Defense lawyers may argue that Xu was simply in the wrong place at the wrong time—or that his detention is politically motivated.
Meanwhile, diplomatic pressure is likely to rise. The U.S. wants Xu on its soil. China might push back, albeit quietly.
Why This Case Matters
This isn’t just another cybercrime arrest. It touches on something bigger—an ongoing digital cold war where arrests are rare and public accountability is rarer.
Most cyber operatives don’t fly to Europe with a U.S. warrant waiting for them. That Xu was caught suggests two things: authorities are getting better at tracking suspects, and hackers are sometimes less invisible than they think.
According to a 2024 report by CrowdStrike, nation-state cyber operations targeting Western institutions rose 46% year-over-year. China accounted for nearly a quarter of those incidents.
Nation-State Actor | Approximate Share of Attacks (2024) |
---|---|
China | 24% |
Russia | 31% |
Iran | 12% |
North Korea | 9% |
Others | 24% |
Xu’s arrest also underscores another point: Western countries are cooperating more closely when it comes to cybersecurity enforcement.
The arrest wasn’t random—it followed months of intelligence sharing, quiet monitoring, and probably a few favors called in.
What’s Next for Xu Zewei?
For now, Xu remains in custody.
He’s expected to face a preliminary hearing in the coming weeks. Italian authorities haven’t commented publicly on the evidence provided by the U.S., but extradition requests like this usually include detailed documentation.
China hasn’t issued a formal statement yet. But state-aligned media has been quick to cast doubt on the arrest, calling it “another example of the West’s anti-China hysteria.”
The Italian justice system will have the final say, but one thing’s clear: Xu’s case won’t disappear quietly.