Apt-q-27 is a apt_group tracked across 4 threat clusters and 6 intelligence report mentions on ThreatCluster. First observed February 6, 2026; most recent activity May 6, 2026.
A supply chain attack has compromised the DAEMON Tools software installers, which began on April 8, 2026. Kaspersky identified that these trojanized installers, signed with legitimate digital certificates, have affected…
A campaign linked to the Chinese threat group APT-Q-27 is targeting Web3 customer support teams by deploying a multi-stage backdoor via fake screenshot links. The attack exploits live chat workflows, utilizing signed…
Microsoft Defender has erroneously flagged legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha due to a faulty signature update released on April 30, 2026. This has led to widespread false-positive…
APT-Q-27 has initiated stealthy attacks on corporate networks, exploiting security weaknesses to evade detection. The attackers utilized a file named updat.log, designed to carry encrypted payloads, indicating a…