Diplomats in Southeast Asia were targeted in a cyber-espionage campaign earlier in 2025, likely waged in support of operations aligned with the strategic interests of China. The attacks, using social engineering and malware disguised as innocuous software updates, are attributed to the China-linked UNC6384 group.
About two dozen victims had downloaded the malware.
Hackers had breached the targets’ Wi-Fi networks, and then abused that access to dupe diplomats into downloading malware disguised as Adobe plug-in software.
The malware, called SOGU.SEC, was then installed in the memory of the device to avoid detection.
“I would assume diplomats have pretty sensitive documents on their laptops that they’re using for their day-to-day work. And yeah, once you’re on that device, you can get those documents.”
https://bloomberg.com/news/articles/2025-08-25/china-linked-hackers-hit-southeast-asia-diplomats-google-says?srnd=phx-technology&embedded-checkout=true…
https://cloud.google.com/blog/topics/threat-intelligence/prc-nexus-espionage-targets-diplomats…