New WIP26 Threat Actor Abuses Cloud Infrastructure in Targeted Telco Attacks
WIP26 is characterized by the abuse of public Cloud infrastructure – Microsoft 365 Mail, Microsoft Azure, Google Firebase, and Dropbox – for malware delivery, data exfiltration, and C2 purposes.