Was that a "feature"?
"The update appeared legitimate, but it contained malicious code that worked much like a digital wiretap, reprogramming the infected equipment to record all the communications passing through it before sending the data to China, [the sources] said,"
That could be spyware although I've seen code like that in the past where systems send user information back to enable debugging and performance verification. Had they included a typical "user licensing" text that stated that Huawei was working the same way as Google email or Google Drive then this would have been a complete non-issue.
Am I infected? No, I'm using Google (LOL).