China-linked Webworm campaign targets European government organizations.
Dark Reading reports that the China-aligned Webworm APT has shifted toward European government targets, including organizations in Belgium, Italy, Serbia, Spain, and Poland. The group is using stealthier command-and-control methods, including Discord-based EchoCreep and Microsoft Graph API-based GraphWorm, plus proxy tooling such as SoftEther VPN. Researchers say defenders should watch unusual communications from non-standard processes to Discord, Microsoft Graph, OneDrive, GitHub, and S3 endpoints.
China-linked Webworm campaign targets European government organizations.
22.05.2026
China-linked Webworm campaign targets European government organizations. Dark Reading reports that the China-aligned Webworm APT has shifted toward European government targets, including organizations in Belgium, Italy, Serbia, Spain, and Poland. The group is using stealthier…
Източник: www.darkreading.com