MirrorFace Hackers Adapt AsyncRAT for Evasive Execution Within Windows Sandbox

In a recent cyberespionage campaign, the China-aligned threat actor MirrorFace has significantly updated its tactics, techniques, and procedures (TTPs) by incorporating a heavily customized version of the AsyncRAT malware. This adaptation allows the malware to execute within Windows Sandbox, effectively evading detection by security controls. The campaign, dubbed Operation AkaiRyū, marks a notable expansion of …