A suspected China-nexus threat actor dubbed UNC4841 has been linked to the exploitation of a recently patched zero-day flaw in Barracuda Email Security Gateway (ESG) appliances since October 2022.
“UNC4841 is an espionage actor behind this wide-ranging campaign in support of the People’s Republic of China,” Google-owned Mandiant said in a new report published today, describing the group as “aggressive and skilled.”