[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feeq02rNs48s_QH9zpWffdMY3GXCmAE2VUwcAPSggJTM":3},{"article":4,"iocs":46},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":26,"category":27,"article_tags":30},"bfeb2d56-bdd6-4a60-8c61-845596c1eb55","Looks the Outlook Web App of \"Mpumalanga Department of Social Development (a provincial governmen...","looks-the-outlook-web-app-of-mpumalanga-department-of-social-development-a-provi-236089","Looks the Outlook Web App of \"Mpumalanga Department of Social Development (a provincial government department in South Africa)\" is being used to host some PlugX related malware sample...\n🤷‍♂️ https:\u002F\u002Ft.co\u002FRuV9FX6eRl https:\u002F\u002Ft.co\u002FtVV3IlKUML","The Outlook Web App infrastructure of Mpumalanga Department of Social Development, a provincial government entity in South Africa, has been compromised and is being actively used to distribute PlugX malware samples. PlugX is a modular remote access trojan historically associated with Chinese state-sponsored threat actors. This indicates either a direct breach of government systems or compromise of legitimate infrastructure for malware distribution.","South African provincial government's Outlook Web App compromised to host PlugX malware samples.",null,"https:\u002F\u002Fx.com\u002Fmalwrhunterteam\u002Fstatus\u002F2052367981108167097","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHHt33kDXgAAGdz6.png","2026-05-07T12:40:32+00:00","2026-05-07T13:00:06.724353+00:00",7,[18,21,24],{"name":19,"type":20},"PlugX operators (likely Chinese state-sponsored)","threat_actor",{"name":22,"type":23},"Outlook Web App","product",{"name":25,"type":23},"PlugX","89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5",{"id":26,"icon":11,"name":28,"slug":29},"Malware","malware",[31,36,41],{"category":32},{"id":33,"icon":11,"name":34,"slug":35},"26b0b636-0e31-4db1-bffb-61bdf9f20a58","Supply Chain","supply-chain",{"category":37},{"id":38,"icon":11,"name":39,"slug":40},"6cbdd207-aaa1-4176-9534-e156b125e917","Nation-state","nation-state",{"category":42},{"id":43,"icon":11,"name":44,"slug":45},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[47],{"type":29,"value":25,"context":48},"Remote access trojan samples being hosted on compromised government Outlook Web App"]