China-linked cyberespionage group UNC4191 has been observed targeting public and private entities in Southeast Asia, Asia-Pacific, the U.S., and Europe, with increased attention on the Philippines. Hackers attempt to steal data from air-gapped systems through self-replicating malware on USB drives. The three malware families, dubbed MISTCLOAK, DARKDEW, and BLUEHAZE, can help achieve backdoor access to compromised devices.