#unc6384
#unc6384
[ follow ]
#plugx #zdi-can-25373 #european-diplomatic-espionage #spearphishing #dll-side-loading #cve-2025-9491
#plugx
fromThe Hacker News
15 hours agoInformation security
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats
China-linked UNC6384 used spear-phishing and an unpatched Windows shortcut vulnerability (CVE-2025-9491) to deploy PlugX against European diplomatic and government targets.
fromThe Hacker News
2 months agoInformation security
UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats
UNC6384 uses captive-portal AitM redirects and a digitally signed STATICPLUGIN downloader to deploy a PlugX (SOGU.SEC) backdoor against diplomats and other targets.
[ Load more ]