Chinese hackers breach REDCap servers, steal medical research

Google's Threat Intelligence Group tracks the China-linked espionage group UNC6508, which breached REDCap servers at a North American medical institution. The attackers deployed the InfiniteRed custom malware, remaining undetected for over a year after the initial compromise in September 2023. The campaign targeted medical, military, and AI research data.