A recent cyber attack attributed to Chinese hackers has compromised REDCap servers, resulting in the theft of sensitive medical research data from a North American institution. The attackers exploited vulnerable servers to deploy the InfiniteRed malware, highlighting the risks associated with exposed research infrastructure. This breach underscores the evolving tactics employed by China-linked espionage groups, which continue to target high-value data in the medical sector. The use of InfiniteRed malware in this campaign suggests a high degree of sophistication and adaptability on the part of the attackers1. The stolen data may have significant implications for the integrity of medical research and the security of sensitive information. This incident is likely to have downstream effects on regulatory frameworks and supply-chain security, making it essential for practitioners to remain vigilant and proactive in protecting sensitive data.