Cybersecurity Researchers Unveil New Threat Actor NightEagle Targeting Microsoft Exchange Servers

Cybersecurity researchers have revealed the existence of a new threat actor named NightEagle (or APT-Q-95), active since 2023, which targets Microsoft Exchange servers as part of a zero-day vulnerability exploitation chain. This group is focusing on government, defense, and technology sectors in China. According to the RedDrip team from QiAnXin, NightEagle uses this method to compromise the systems of targeted entities.