Chinese MSS-affiliated hackers are attacking US government agencies and private companies by exploiting vulnerabilities in publicly exposed edge systems. They are looking for vulnerable and publicly exposed devices using the Internet-device search engine Shodan and vulnerability databases. The most notable vulnerabilities CISA has seen targeted by Chinese threat actors are F5, Citrix, Pulse Secure, and Microsoft Exchange Server vulnerabilities in F5 and Exchange Server. Threat actors are using cracked versions as part of their attacks to enable backdoor access to compromised systems and deploy additional tools.
Source: https://www.bleepingcomputer.com/news/security/us-govt-china-sponsored-hackers-targeting-exchange-citrix-f5-flaws/