Midnight Blizzard and Chinese Threat Actors Target Organizations, Stealing 15,000 Credentials and Using 8,000 Strong Botnet

Recent cybersecurity reports have highlighted a series of coordinated attacks by various threat actors. The Russian group known as Midnight Blizzard has been conducting extensive spear-phishing campaigns targeting over 100 organizations, primarily in the United States and Europe. Concurrently, Microsoft reported that a botnet identified as CovertNetwork-1658 is being utilized by multiple Chinese threat actors to compromise Azure accounts, with the botnet averaging around 8,000 active nodes. Additionally, a malicious actor named EmeraldWhale has executed a global operation that exploited exposed Git configurations, leading to the theft of more than 15,000 cloud service credentials. Furthermore, Chinese threat actors have been linked to the use of the Quad7 botnet in password-spray attacks, indicating a broad and persistent threat landscape in cybersecurity.