This news brief roundup highlights the latest developments of China-linked advanced persistent threat groups as well as the activities of a Russian cybercrime entity.

Weaver Ant: A China-nexus APT exposed Researchers uncovered a yearslong web shell attack orchestrated by a China-nexus APT group dubbed Weaver Ant. Security service provider Sygnia released insights into the group's tactics, techniques and procedures (TTPs) after detecting it in the middle of a cyberattack against a telecom in Asia. The report indicated that Weaver Ant has demonstrated high levels of persistence and adaptability, adjusting its TTPs to evade detection. Sygnia researchers provided recommendations for hunting and defending against Weaver Ant and similar multilayered attacks, including relevant logging and monitoring, implementing strong access control measures, and deploying threat detection and response technologies. Read the full story by Alexander Culafi on Dark Reading.

ISoon: Unveiling a Chinese espionage hacker group Researchers uncovered a widespread espionage campaign dubbed FishMedley, carried out by a threat group known as FishMonger for the Chinese government. FishMonger, also known as Aquatic Panda, was working for the Chinese APT contractor iSoon. The hacker-for-hire operation, posing as a cybersecurity training company, was uncovered last year as a known contractor for the Chinese government. ESET researchers have now released details of the FishMedley campaign, which targeted government and nongovernment organizations in Taiwan, Hungary, Turkey, Thailand, the U.S., France and other countries. While not known for its sophisticated TTPs, FishMonger was noted by researchers for its efficiency in achieving its mission of stealing confidential data. Read the full story by Becky Bracken on Dark Reading.