#CheckPoint Research observed #Amaranth-Dragon, a Chinese-aligned group linked to #APT41, conducting espionage against government and law enforcement across Southeast Asia. The threat actor weaponized #WinRAR flaw CVE-2025-8088 within 10 days after its disclosure, geo-fenced servers to targets, and introduced #TGAmaranth, a Telegram-based remote access tool.

https://research.checkpoint.com/2026/amaranth-dragon-weaponizes-cve-2025-8088-for-targeted-espionage/