Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS

SentinelLABS uncovers widespread China-linked cyber espionage targeting over 70 global organizations and cybersecurity firms between July 2024 and March 2025. Learn about the “PurpleHaze (aka Vixen Panda)” and “ShadowPad” operations and the persistent threats.

A new report from cybersecurity firm SentinelLABS has exposed a wide-reaching campaign of cyberattacks, strongly believed to originate from China. These activities, which took place from July 2024 to March 2025, were aimed at numerous organizations globally, including government agencies, media companies, and, notably, SentinelOne.

While the scale of the attacks was significant, SentinelLABS has confirmed that its own infrastructure remained uncompromised. Reportedly, in October 2024, SentinelLABS detected early probing activities targeting SentinelOne’s internet-accessible systems. This was part of a larger cluster of suspicious activities they named PurpleHaze (aka Vixen Panda)“.

Later, in early 2025, SentinelLABS assisted in stopping a separate intrusion. This incident was connected to a broader operation called “ShadowPad” and impacted a ...