Thursday, 5 March, 2026
In a three-year campaign, Chinese hackers exploit a "rarely seen" Windows mechanism
By Basit Ansari
<p>Cybereason has revealed a sophisticated Winnti cyber campaign that exploits Windows mechanisms in a 'rarely seen' manner. The covert attacks have primarily targeted the networks of technology and manufacturing firms in Europe, Asia, and North America in order to steal sensitive proprietary information. Winnti is an APT that exploits the Common Log File System Stashlog, which manipulates the NTFS and Transactional Registry operations of CLFS.<br />
</p>
Read full story at Zdnet
Tags: