Researchers found a new China-linked threat cluster, OP-512, targeting Microsoft IIS servers with a custom web shell framework. The activity involved timestomping, self-reporting shells and attempted privilege escalation on a legacy Windows Server 2016 host.