A wave of targeted cyberattacks is sweeping across the APAC region, with APT groups and cybercriminals increasingly focusing their sophisticated tactics on government and public sector entities. Earth Kasha has launched a spear-phishing campaign against government and public sector entities in Taiwan and Japan, leveraging a modified version of the ANEL backdoor to infiltrate sensitive systems. In parallel, Wordfence has identified a new malware strain masquerading as a WordPress plugin called ‘WP-antymalwary-bot.php’. Meanwhile, cybercriminals are monetizing stolen data, trading over 31,000 Australian banking credentials online. Here’s a quick roundup of cybersecurity news from the past 24 hours.