Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign

Oasis Security reports a suspected Malaysian state-linked espionage campaign using stealthy, selectively exposed command-and-control infrastructure and the abuse of Cloudflare and other cloud services to host malware and phishing content; operators rotate and restrict access to servers to avoid detection, favoring ephemeral cloud resources, and the report recommends behavior-based monitoring and closer inspection of outbound connections.