Cybersecurity researchers have identified fresh activity from China-aligned threat actor Webworm, deploying custom backdoors using Discord and Microsoft Graph API for command-and-control communications. Webworm, first documented in 2022, has been active since at least that year, targeting government agencies.

AI summaries can be wrong sometimes—always verify important details using the source article.