Well, the PLA has been caught red handed, twice, hacking Western firms and financial insitutions, including installing malware and identify theft which could be used to impersonate and hack members of the public. The USA is far from clean on this issue, but I don't think we know enough to properly characterise the relative threats.
The ideal would be to use open-source hardware and e2e encryption, but if this is not possible I would suggest these scared of the US to use Chinese phones and these scares of China to use US phones.
https://en.wikipedia.org/wiki/PLA_Unit_61398