Operation Dragon Whistle Targets Changzhou University With Malicious LNK Files
ID: dcafa2b4-c0b7-5285-8a3f-206ab9274e47
STIX ID: report--dcafa2b4-c0b7-5285-8a3f-206ab9274e47
Feed Name: Cyber Press
A targeted phishing campaign against PSCA/PPIC3 in Pakistan used spear-phishing attachments (a macro-laden Word document and a fake Adobe PDF) to deploy a VS Code Remote Tunnel backdoor via Microsoft device-code authentication and ClickOnce-delivered .NET payloads. The campaign established persistence via registry changes and exfiltrated status codes to attacker-controlled Discord webhooks. Several SHA-256 hashes are provided as IoCs.
