China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

China-aligned threat actors are running Operation Dragon Weave, targeting government, research, academic, tech, and financial sectors in Czech Republic and Taiwan with spear-phishing emails. Rust-based RUSTCLOAK loader delivers AZUREVEIL C2 agent that uses Microsoft Azure Blob Storage for command-and-control, making detection harder. This is active espionage with high success potential against our sectors.

HIGHAdvisoryJun 02, 2026

Action required

Immediately hunt for spear-phishing emails with ZIP attachments and RUSTCLOAK/AZUREVEIL indicators across your email logs and endpoints. Block identified IOCs. Monitor Azure Blob Storage access from your network for anomalous C2 patterns. Escalate any findings.

Affected products

Microsoft

Linked articles

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

Source links

https://thehackernews.com/2026/06/china-aligned-groups-ramp-up-attacks.html