Update on Attacks by Threat Group APT-C-60
ID: 4ac03cc9-224e-5b59-8bf2-1cf75e48f7c8
STIX ID: report--4ac03cc9-224e-5b59-8bf2-1cf75e48f7c8
Feed Name: JPCERT Blog
JPCERT/CC documents a targeted spear-phishing campaign, attributed to APT-C-60, against recruitment staff in Japan. The campaign uses malicious VHDX attachments containing LNK files that execute Git to run scripts, deploy a persistent downloader via COM hijacking, and fetch SpyGlace payloads hosted on GitHub. The report describes updates to the downloader and SpyGlace, their encoding and C2 schemes (custom RC4/BASE64/RC4 variant, AES-128-CBC), decoy documents, and observable GitHub timelines for the malware versions.
