Google Disrupts China-Linked Cyberespionage Campaign Targeting US Researchers

Google identified and disrupted a cyberespionage campaign attributed to a China-nexus threat actor that operated undetected for over a year, targeting US-based researchers across multiple institutions. The attackers stole RedCAP credentials to gain unauthorized access and exfiltrate sensitive data. The campaign’s infrastructure and tactics allowed prolonged persistence, though no specific dates or CVE IDs were disclosed. The primary impact involved the compromise of research-related systems and the theft of confidential information. No additional technical details, such as malware names or exact victim counts, were provided in the report.