The PRC-nexus threat actor UNC6508 targeted North American research institutions by exploiting REDCap servers and deploying the INFINITERED malware for credential theft. This campaign aimed to exfiltrate sensitive defense, AI, and medical research data through the abuse of enterprise content compliance rules.
Edward Kiledjian
@ekiledjian