← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
China Aligned Cyberespionage Campaign Targets Governments
WHITE CODERED_VTA 2026-05-06 Modified: 2026-05-06
23
IOCs
MEDIUM VOLUME
Cybersecurity researchers have identified a China-aligned espionage campaign targeting government and defense organizations across South, East, and Southeast Asia, as well as a European NATO member. The activity cluster, tracked as SHADOW-EARTH-053, has been active since at least late 2024 and shows overlaps with previously known threat groups. Researchers said the attackers primarily exploit known vulnerabilities in internet-facing Microsoft Exchange and IIS servers, including flaws similar to...
initial-accesspersistenceprivilege-escalationexfiltrationT1190T1204T1215mediumvtathreat-intelligence
Indicators of Compromise (1 / 23 total)
All CVE FileHash-MD5 FileHash-SHA1 IPv4 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
hostname check.office365-update.com 2026-05-06
References (1)
↗ https://www.trendmicro.com/en_us/research/26/d/inside-shadow-earth-053.html