Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been described as a „complex and well-resourced operation.“
The campaigns have led to the deployment of various malware families, including HIUPAN (aka USBFect, MISTCLOAK, or U2DiskWatch), PUBLOAD, EggStremeFuel (aka RawCookie), EggStremeLoader (aka Gorem RAT), MASOL
https://thehackernews.com/2026/03/three-china-linked-clusters-target.html
