Undisclosed Malaysian government entity
April 30, 2026
•[ espionage, vulnerability exploitation, unpatched software ]
Shadow-Earth-053, a China-aligned espionage cluster, was reported to have compromised an undisclosed Malaysian government environment by exploiting unpatched Microsoft Exchange and IIS servers, deploying web shells and ShadowPad, collecting credentials, and exporting mailbox contents.
