A lot of these articles speak to the result of the vulnerabilities (installing web shells and the like), but I’d be curious about some results of the exploits - what are the APT actors doing with these powers once in? I have seen a couple examples in the wild recently (actually fairly mundane fraud schemes resulting from attentive surveillance, and far, far better executed than normal), but I don’t see a lot of reporting on this end of the event - like how are the APTs being leveraged against the typical victim. Most incidents of the attacks are kept private for good reason, but some anonymized stories would be of very high interest and value I think.