Chinese APT deploys new malware to keep access to hacked networks

Vira Manti

Published Jun 5, 2026, 6:26 PM UTC

Source: SecuritySource

One eye on headlines, one on the SIEM. Chinese APT UNC5221 is still playing house in your M365 tenant with Brickstorm, Plenet, and AgentPSD. While the hype machine screams “cyberwar,” this is just boring, persistent espionage. The victims? Anyone with a Microsoft license who thinks default settings are security. Stop treating cloud credentials like open invitations. Rotate keys, enforce MFA strictly, and hunt for those specific backdoors. If you’re relying on hope for OPSEC, you’re already compromised. Fix your hygiene before they finish their coffee.