CrowdStrike warns of rising cyberattacks from China targeting AI

By Editorial Team · Published June 10, 2026 · 2 min read · Source: Crypto Briefing

CrowdStrike warns of rising cyberattacks from China targeting AI

Over 58% of state-sponsored cyber intrusions against US tech companies trace back to China-linked adversaries, with AI assets as the primary target.

Add us on Google by Editorial Team Jun. 10, 2026

More than half of all state-sponsored cyberattacks aimed at the US technology sector are coming from one place. And they’re after one thing.

CrowdStrike’s 2026 Technology Threat Landscape Report found that China-linked adversaries were responsible for 58% of state-sponsored cyber intrusions targeting US tech companies, with artificial intelligence assets and intellectual property sitting squarely in the crosshairs. The report covers activity from April 1, 2025, through March 31, 2026.

Five panda-named groups are doing the heavy lifting

CrowdStrike identified five distinct China-nexus threat groups driving the campaign: MURKY PANDA, MUSTANG PANDA, OVERCAST PANDA, SUNRISE PANDA, and WARP PANDA. Each group targeted the technology sector more aggressively than any other industry, reflecting Beijing’s broader strategic push toward technological self-sufficiency.

MURKY PANDA stood out as particularly prolific. Its password-spraying operations alone compromised more than 340 US-based entities.

The naming convention here, all those “PANDAs,” is CrowdStrike’s designation system for China-linked adversaries. Russia-linked groups get “BEAR” names, Iran gets “KITTEN,” and so on.

CrowdStrike’s report attributes the surge directly to Beijing’s objective of acquiring AI capabilities and intellectual property that its domestic ecosystem hasn’t been able to develop at the same pace.

AI is both weapon and target

CrowdStrike documented an 89% increase in attacks conducted by AI-enabled adversaries over the reporting period.

The technology sector has now become the most targeted industry worldwide, according to CrowdStrike’s data. That distinction holds true for both state-sponsored actors and criminal enterprises.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.

This article was originally published on Crypto Briefing and is republished here under RSS syndication for informational purposes. All rights and intellectual property remain with the original author. If you are the author and wish to have this article removed, please contact us at [email protected].