Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microsoft Internet Information Services (IIS) servers to deploy a bespoke web shell framework.

ReliaQuest has assessed with moderate to high confidence that the espionage-focused activity is linked to China.

"OP-512 was highly likely conducting espionage through a



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/06/new-threat-cluster-op-512-targets.html