HACKERS infiltrated the email account of a senior executive at a major global stock exchange, gaining access from October 2025 to March 2026. The attack, which lasted approximately 150 days, aimed at espionage, allowing attackers to collect sensitive information from the mailbox using disguised malware and exploiting applications like Adobe and OneDrive. They maintained stealth by exfiltrating data in small batches via cloud services.
The initial access method is unknown, and security experts warn this exploitation highlights the vulnerability of organizations to targeted cyber-espionage. Indicators of compromise (IoCs) are provided to assist in detecting similar threats.