APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials

Monday, April 13, 2026 at 03:08 PM UTC·Source: Dark Reading

Updated: Monday, April 13, 2026 at 03:28 PM UTC

Executive Summary

The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.

Analysis

The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.

Source Attribution

Originally published by Dark Reading on Apr 13, 2026.

Related Threats

MEDIUMApt

Metasploit Wrap-Up 04/17/2026

Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug fixes and enhancements. This week’s highlights include RCE modules targeting AVideo, openDCIM, Selenium Grid/Selenoid, and ChurchCRM. On the post-exploitation side, Windows saw three new persistence techniques added as modules, targeting Tele

CVE-2026-28501CVE-2026-28517

6d agoRapid7

CRITICALApt

ISMG Editors: Adapting to the Looming Mythos AI Onslaught

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/ismg-editors-adapting-to-looming-mythos-ai-onslaught-image_small-2-a-31453.jpg" align=right hspace=4><b>Also: NY State Regs Test Resilience vs Compliance, OT Security Nears Breaking Point</b><br>In this week's panel, four ISMG editors explore the industry's response to Anthropic's Mythos AI breakthrough, whether tighter New York s

Apr 17, 2026Bank Info Security

LOWApt

Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies

The intrusions exploited vulnerabilities in the open-source Roundcube webmail platform that allow attackers to execute malicious code when a victim simply opens an email in their inbox.

Apr 17, 2026The Record