ThreatCluster

Cyber Espionage Campaign Targets Malaysian Organizations via Cloudflare Storage

First seen 19 May 2026, 14:22 UTC GbhackersCybersecuritynews 86% similarity 73

Article Content

Browse articles
ThreatCluster

A sophisticated cyber espionage campaign has been uncovered, targeting multiple Malaysian government organizations. Attackers exploited a Cloudflare-hosted storage endpoint to exfiltrate sensitive files from compromised networks. The operation utilized an Azure virtual machine (IP: 20.17.161.118) to orchestrate attacks, employing custom tools for stealthy data extraction. The campaign's structured attack chain indicates a high level of planning and execution. Security researchers have confirmed that the attackers were able to pull files without triggering alarms, raising concerns about the effectiveness of current security measures. The full scope of the data stolen is still being assessed, but the operation has significant implications for national security. Current status indicates ongoing investigations by cybersecurity teams to mitigate the threat.

Key Points: • Attackers exploited Cloudflare storage to exfiltrate data from Malaysian networks. • An Azure virtual machine was central to orchestrating the cyber espionage campaign. • The operation targeted multiple government-linked organizations, indicating a high level of planning.

ThreatCluster AI

Timeline

2026-05-18
Cyber espionage campaign uncovered
Security researchers revealed a targeted intrusion campaign affecting Malaysian government organizations via Cloudflare storage.
Gbhackers
2026-05-19
Details of attack methods disclosed
Researchers confirmed the use of an Azure VM and Cloudflare storage for stealthy data exfiltration.
Cybersecuritynews

Community

Browse all →