Chinese Hackers Spied on Cuban Embassy as US Prepared Blockade

On April 29, 2026, Bloomberg's Patrick Howell O'Neill published a story on Gambit's findings about a Chinese state-sponsored cyber-espionage campaign targeting Cuba's diplomatic infrastructure. The campaign began in January 2026 — coinciding with US naval blockade preparations and the Trump administration's halt of oil deliveries to Cuba — and exploited two five-year-old Microsoft Exchange vulnerabilities to breach the Cuban embassy in Washington.Bloomberg cited Gambit research throughout. The campaign compromised the inboxes of 68 officials, including the Cuban ambassador and the deputy chief of mission. Gambit researchers also observed the same Chinese group targeting the Venezuelan government and Ministry of Foreign Affairs around the same time, and identified opportunistic exploitation of other government and private servers globally — including Texas Health and Human Services systems and the biotech investment firm Santé Ventures. The actors used tools, techniques, and infrastructure consistent with Chinese state-sponsored cyber-espionage.