Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing campaign distributing a new variant of a known malware called PlugX (aka Korplug or SOGU). "The new variant's features overlap with both the RainyDay and Turian backdoors, including abuse of the same legitimate applications for DLL side-loading, the
source https://thehackernews.com/2025/09/china-linked-plugx-and-bookworm-malware.html