Published 14 days ago

The China-linked advanced persistent threat (APT) group known as Aquatic Panda has been linked to a "global espionage campaign" that took place in 2022 and targeted seven organizations.

- The China-linked advanced persistent threat (APT) group known as Aquatic Panda has been involved in a "global espionage campaign" in 2022 that targeted seven organizations. These organizations include governments, Catholic charities, NGOs, and think tanks located in Taiwan, Hungary, Turkey, Thailand, France, and the United States. The operation, conducted over ten months from January to October 2022, is referred to as Operation FishMedley by ESET.
- Security researcher Matthieu Faou noted that the operators employed implants such as ShadowPad, SodaMaster, and Spyder, which are often associated with China-aligned threat actors. Aquatic Panda, also known by various names like Bronze University and RedHotel, has been active since at least 2019. The Slovak cybersecurity company tracks this group under the name FishMonger.
- Aquatic Panda operates under the Winnti Group umbrella and has connections to the Chinese contractor i-Soon, whose employees were recently charged by U.S. authorities for involvement in espionage activities from 2016 to 2023. The 2022 attacks utilized five different malware families, including a loader called ScatterBee, which deploys other implants. The initial access method for the campaign is currently unknown.