Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant

APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications.
The exploited vulnerabilities included “a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in