
China-Linked Espionage Campaign Targets Exposed REDCap Servers to Steal Medical Research Data
cybersecurity, espionage, malware, healthcare, data_breach, China
A China-linked espionage campaign targeted exposed REDCap servers to deploy the InfiniteRed malware, stealing sensitive data from a medical institution in North America. The attack exploited unsecured REDCap instances, which are used for managing medical research and clinical data. No specific dates, CVE IDs, or additional technical details about the malware or breach timeline were disclosed. The primary impact involved unauthorized access and exfiltration of medical research data. The threat actor is attributed to Chinese state-sponsored hacking groups based on observed tactics and infrastructure.