My friend Mark Schrader tipped me off to some reports of VLC being used by Chinese hackers to launch malware attacks. VLC is commonly used to check basic streaming functionality when troubleshooting IP cameras, and probably exists in one place or another in any moderately complex IP camera system - on a server, client workstation, tech laptop, or all of the above.
Unfortunately a lot of these online stories seemed to mostly be copy-paste summaries of the same vague reports with little technical info. After a bit of digging, I have found some more details on this malware attack, and how to potentially detect and remove it on your system, if you are impacted.