Cybersecurity researchers have identified a China-aligned espionage campaign targeting government and defense organizations across South, East, and Southeast Asia, as well as a European NATO member. The activity cluster, tracked as SHADOW-EARTH-053, has been active since at least late 2024 and shows overlaps with previously known threat groups. Researchers said the attackers primarily exploit known vulnerabilities in internet-facing Microsoft Exchange and IIS servers, including flaws similar to...