Malware And CampaignsCampaign

TA416 OAuth redirect abuse delivering PlugX via cloud hosted malware

April 3, 2026The Hacker News

The Hacker News reports China linked TA416 is targeting European governments using OAuth redirect abuse and cloud hosted malware to deliver PlugX, with activity expanding to the Middle East in 2026.

Open in PulseSee the full authority discussion →

QUOTES

China-linked TA416 is again targeting European governments, using OAuth redirect abuse and cloud-hosted malware to deliver PlugX.

Activity expanded to the Middle East in 2026, tied to conflict-driven intelligence gathering.

VOICES

The Hacker News

RELATED TERMS

malwareoauthgovernment targetinggoogle cloudmalware analysis

OTHER FINDINGS IN MALWARE AND CAMPAIGNS

Axios npm package compromise, WAVESHAPER.V2 cross platform RAT Handala Hack Telegram threat claiming imminent Lockheed Martin data leak Telnyx PyPI compromise (TeamPCP) shipping malware in telnyx 4.87.1/4.87.2

AMYGDALA PULSE

See what authorities are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new authority voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security