China-linked hackers target US, Canada research using legacy REDCap exploits (opens in new tab)

Google is warning of a cyber espionage campaign linked to a China-nexus threat actor, UNC6508, that kept close tabs on valuable US and Canadian research environments for over a year. The campaign abused REDCap, a widely adopted platform for collecting and managing research data. Attackers, now disrupted, intercepted REDCap’s upgrade process to inject persistence malware. According to Google’s Threat Intelligence Group (GTIG), the campaign was particularly interested in academic institutions, ...