Briefing: critical-infrastructure, finance
Velvet Ant's Operation Highland: China-Nexus APT Backdoored Linux Auth Stack for Nearly a Decade
Sygnia's disclosure of Operation Highland reveals a China-linked threat actor that modified PAM and OpenSSH components to maintain persistent, credential-harvesting access inside isolated networks from 2016 to at least 2026.