Editor Notes: Reconstructing the reported timeline of events for this incident: (1) In late 2023, Chinese state-backed actor Volt Typhoon reportedly infected outdated routers to build a botnet and gained stealth access to U.S. critical infrastructure networks, including energy systems. (2) In 2024, Salt Typhoon compromised at least nine U.S. telecommunications and government networks and reportedly exploited over 1,000 Cisco devices. (3) In January 2025, Salt Typhoon continued its campaign with additional exploitation attempts targeting internet-facing infrastructure. (4) By early 2025, FBI analysts observed increasing integration of AI tools by Chinese actors and cybercriminals across the attack lifecycle, including for spear phishing, deepfakes, and internal network mapping. (5) On April 29th, 2025, FBI Deputy Assistant Director Cynthia Kaiser publicly characterized these developments at RSA Conference, warning that AI was enabling more efficient and scalable operations by adversaries, especially those linked to the Chinese government.