A China-nexus menace actor generally known as UNC6384 has been attributed to a set of assaults focusing on diplomats in Southeast Asia and different entities throughout the globe to advance Beijing’s strategic pursuits.
“This multi-stage assault chain leverages superior social engineering together with legitimate code signing certificates, an adversary-in-the-middle (AitM) assault, and oblique execution strategies to evade
UNC6384 Deploys PlugX through Captive Portal Hijacks and Legitimate Certificates Focusing on Diplomats
