A China-aligned advanced persistent threat (APT) group tracked as Webworm has expanded its cyberespionage toolkit with a new backdoor called GraphWorm, which abuses the Microsoft Graph API specifically OneDrive endpoints for command-and-control (C2) communications. ESET researchers, who have tracked the group since its public debut in a 2022 Symantec report, published new findings exposing Webworm’s […]
The post GraphWorm Malware Abuses Microsoft OneDrive For C2 Operations appeared first on Cyber Security News.