Hackers abuse Cloudflare storage to exfiltrate network files
A sophisticated cyber espionage campaign targeting multiple Malaysian organizations has been uncovered, revealing a highly structured attack chain that blends custom tooling, cloud infrastructure, and stealthy data exfiltration.
At the center of the operation is an Azure virtual machine (IP: 20.17.161.118) used to orchestrate attacks across government-linked networks.
The infrastructure contained a wide range of attacker tools, including tailored Python scripts, Laravel exploit chains, webshell deployment utilities, and even source code for previously undisclosed command-and-control (C2) components.
Read more at GB Hackers