All newly discovered campaigns have taken place in between the originally discussed campaigns on November 9th, 2023 and January 17th, 2024. Employment of previously seen techniques such as DLL Search Order Hijacking and leveraging publicly documented malware such as PUBLOAD show a consistent intrusion set. However, deviations like the use of Cobalt Strike beacons and infostealers showcase variability in modus operandi.

Click for details.