{"id":52617,"date":"2023-07-04T13:23:42","date_gmt":"2023-07-04T13:23:42","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34771\/Novel-PlugX-Malware-Attacks-Target-European-Diplomats.html"},"modified":"2023-07-04T13:23:42","modified_gmt":"2023-07-04T13:23:42","slug":"novel-plugx-malware-attacks-target-european-diplomats","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/","title":{"rendered":"Novel PlugX Malware Attacks Target European Diplomats"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/07\/HTML-code.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A recently discovered campaign to deploy PlugX malware into diplomatic organizations in Europe is believed to be part of a wider move by threat actors tied to China to shift their focus to European targets.<\/p>\n<p>Researchers at Check Point Research (CPR) have been tracking the PlugX campaign for the past two months and say it has targeted embassies and foreign affairs ministries in several European countries.<\/p>\n<p>\u201cThis specific campaign has been active since at least December 2022, and is likely a direct continuation of a previously reported campaign attributed to RedDelta (and also to <a href=\"https:\/\/www.scmagazine.com\/brief\/device-security\/new-mustang-panda-attacks-targeting-tp-link-routers\" target=\"_blank\" rel=\"noreferrer noopener\">Mustang Panda<\/a>, to some extent),\u201d CPR researchers said in a <a href=\"https:\/\/research.checkpoint.com\/2023\/chinese-threat-actors-targeting-europe-in-smugx-campaign\/\" target=\"_blank\" rel=\"noreferrer noopener\">July 3 report<\/a>.<\/p>\n<p>There is a degree of crossover between RedDelta and Mustang Panda, two Chinese state-sponsored advanced persistent threat (APT) groups, both known for their focus on espionage.<\/p>\n<p>In its report, CPR said the recently discovered campaign used new delivery methods \u2013 most notably, <a href=\"https:\/\/www.scmagazine.com\/analysis\/device-security\/amid-heavy-employee-browser-usage-html-smuggling-is-on-the-upswing\" target=\"_blank\" rel=\"noreferrer noopener\">HTML smuggling<\/a> \u2013 to deploy a new variant of <a href=\"https:\/\/www.scmagazine.com\/brief\/device-security\/plugx-malware-spread-via-remote-desktop-program-exploits\" target=\"_blank\" rel=\"noreferrer noopener\">PlugX<\/a>, a commonly used remote access tool (RAT) of Chinese origin. They are tracking the campaign as SmugX.<\/p>\n<p>\u201cAlthough the payload itself remains similar to the one found in older PlugX variants, its delivery methods results in low detection rates, which until recently helped the campaign fly under the radar,\u201d the researchers said.<\/p>\n<h2>What is HTML smuggling?<\/h2>\n<p>HTML smuggling involves malicious files being embedded into HTML documents, allowing them to evade network-based detection methods. HTML smuggling isn&#8217;t new, however adversaries have relied on it more since Microsoft has shut down other popular ways to sneak malware onto systems, such as blocking macros by default in Word documents.<\/p>\n<p>&#8220;HTML smuggling employs HTML5 attributes that can work offline by storing a binary in an immutable blob of data within JavaScript code,&#8221; wrote researchers <a rel=\"noreferrer noopener\" href=\"https:\/\/www.trustwave.com\/en-us\/resources\/blogs\/spiderlabs-blog\/html-smuggling-the-hidden-threat-in-your-inbox\/\" target=\"_blank\">at Trustwave<\/a> in a blog posted earlier this year.<\/p>\n<p>&#8220;The data blob, or the embedded payload, gets decoded into a file object when opened via a web browser. Threat actors take advantage of the versatility of HTML in combination with social engineering to lure the user into saving and opening the malicious payload,&#8221; it wrote.<\/p>\n<h2>How European government entities were targeted<\/h2>\n<p>In the SmugX campaign, which is known to have targeted diplomatic entities in the UK, France, Sweden, Ukraine, Czech, Hungary, and Slovakia, the lure documents contained diplomacy-related content. Examples included a letter from the Serbian embassy in Budapest and an invitation to a diplomatic conference issued by Hungary\u2019s Ministry of Foreign Affairs.<\/p>\n<p>The threat actors used HTML smuggling to facilitate the downloading of either a JavaScript or ZIP file onto a compromised system. When a ZIP archive is used by the threat actors, it contains a malicious LNK file that runs PowerShell. When a JavaScript file is used, it downloads and executes an MSI file from the attackers\u2019 server.<\/p>\n<p>\u201cAs observed in past instances, PlugX malware employs DLL sideloading techniques,\u201d the CPR researchers wrote. \u201cAfter the lnk or MSI file drops the necessary files, it triggers the execution of a legitimate program, which in turn loads the malicious DLL.\u201d<\/p>\n<p>The DLL then decrypts the final payload, the PlugX malware, which can be used to carry out a range of malicious activities on compromised systems, including file exfiltration, screen capturing, keystroke logging, and command execution.<\/p>\n<p>As a means of ensuring persistence, a hijacked legitimate executable is also downloaded during the infection process. The PlugX payload copies the legitimate program and the DLL, which are stored within a newly-created hidden directory. Persistence is achieved by adding the legitimate program to the Run registry key.<\/p>\n<h2>Similarities with Malicious USB campaign<\/h2>\n<p>\u201cCombined with other Chinese activity previously reported by Check Point Research, this represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting European entities, with a focus on their foreign policy,\u201d the researchers said.<\/p>\n<p>Last month, CPR reported on a new variant of a self-propagating malware being <a href=\"https:\/\/www.scmagazine.com\/news\/threat-intelligence\/usb-drives-self-propagating-malware\" target=\"_blank\" rel=\"noreferrer noopener\">spread via USB drives<\/a> by a China state-backed APT group it was tracking as Camaro Dragon.<\/p>\n<p>In their latest report, the researchers said while Camaro Dragon\u2019s activity overlapped with Mustang Panda and RedDelta, there was insufficient evidence to link the new PlugX campaign directly to Camaro Dragon. Because of that, they had decided to track the new campaign as SmugX.<\/p>\n<p>\u201cWhile none of the techniques observed in [the SmugX] campaign is new or unique, the combination of the different tactics, and the variety of infection chains resulting in low detection rates, enabled the threat actors to stay under the radar for quite a while,\u201d the researchers said.<\/p>\n<p>\u201cAs for PlugX, it also remained largely unchanged from previous appearances, although one new aspect observed is the adoption of RC4 encryption of the payload, which is a departure from the previously utilized XOR encryption.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34771\/Novel-PlugX-Malware-Attacks-Target-European-Diplomats.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":52618,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[5484],"class_list":["post-52617","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinegovernmentmalware"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Novel PlugX Malware Attacks Target European Diplomats 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Novel PlugX Malware Attacks Target European Diplomats 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-04T13:23:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/07\/HTML-code.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Novel PlugX Malware Attacks Target European Diplomats\",\"datePublished\":\"2023-07-04T13:23:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/\"},\"wordCount\":789,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/novel-plugx-malware-attacks-target-european-diplomats.jpg\",\"keywords\":[\"headline,government,malware\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/\",\"name\":\"Novel PlugX Malware Attacks Target European Diplomats 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/novel-plugx-malware-attacks-target-european-diplomats.jpg\",\"datePublished\":\"2023-07-04T13:23:42+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/novel-plugx-malware-attacks-target-european-diplomats.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/novel-plugx-malware-attacks-target-european-diplomats.jpg\",\"width\":800,\"height\":400},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-plugx-malware-attacks-target-european-diplomats\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,government,malware\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinegovernmentmalware\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Novel PlugX Malware Attacks Target European Diplomats\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Novel PlugX Malware Attacks Target European Diplomats 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/","og_locale":"en_US","og_type":"article","og_title":"Novel PlugX Malware Attacks Target European Diplomats 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-07-04T13:23:42+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/07\/HTML-code.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Novel PlugX Malware Attacks Target European Diplomats","datePublished":"2023-07-04T13:23:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/"},"wordCount":789,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/novel-plugx-malware-attacks-target-european-diplomats.jpg","keywords":["headline,government,malware"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/","url":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/","name":"Novel PlugX Malware Attacks Target European Diplomats 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/novel-plugx-malware-attacks-target-european-diplomats.jpg","datePublished":"2023-07-04T13:23:42+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/novel-plugx-malware-attacks-target-european-diplomats.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/novel-plugx-malware-attacks-target-european-diplomats.jpg","width":800,"height":400},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/novel-plugx-malware-attacks-target-european-diplomats\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,government,malware","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinegovernmentmalware\/"},{"@type":"ListItem","position":3,"name":"Novel PlugX Malware Attacks Target European Diplomats"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52617","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52617"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52617\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/52618"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52617"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52617"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}