Tuesday, 31 March, 2026
NightEagle APT Exploits Microsoft Exchange Zero‑Day to Spy on China’s Tech and Military
By Isha
Security researchers have uncovered NightEagle (aka APT‑Q‑95), a new advanced persistent threat targeting Microsoft Exchange zero-days. Active since 2023, it injects a custom .NET loader into Exchange IIS, steals machineKey, deserializes servers, and accesses mailboxes. Leveraging Go-based Chisel for intranet penetration, it focuses on China’s government, military, AI, quantum, semiconductors, and defense sectors—operating stealthily by night and rapidly swapping infrastructure.
Read full story at The Hacker News