China-Linked TA416 Targets European Government and Diplomatic Organizations

The China-linked threat actor TA416, associated with clusters including DarkPeony, RedDelta, Red Lich, SmugX, UNC6384, and Vertigo Panda, has targeted European government and diplomatic organizations since mid-2025. This campaign follows a two-year period of reduced activity in the region. The attacks involved the use of PlugX malware and OAuth-based phishing techniques. No specific technical indicators, CVE IDs, or quantified impacts were disclosed in the available details.