Tag: internet information services

2 articles

Compromised web server in a data center with a focus on the targeted server on a rack.

China-Linked OP-512 Targets IIS Servers with Custom Web Shells

Meet OP-512, a China-linked threat cluster with a taste for espionage, recently caught targeting IIS servers with custom web shells in a stealthy bid for sensitive intel. This sneaky operation aligns with China's intelligence priorities, putting certain sectors and geographies firmly in its crosshairs.

Analyst 207Jun 5, 2026

Brightly-lit server room with subtle signs of security breach.

China-Linked Hackers Expose Wide-Ranging Espionage Campaign

Meet SHADOW-EARTH-053, a China-aligned espionage group that's been secretly lurking in the shadows since December 2024, using clever tactics like exploiting vulnerabilities and deploying web shells to gain persistent access to sensitive targets. Their sophisticated attacks have been linked to other notorious intrusion sets, revealing a vast and complex espionage campaign.

Analyst 207May 1, 2026