A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout.
« The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies, » ESET security researcher Anh Ho said. « Through
