NightEagle hacks Exchange using a trojan; DNS traffic traced from the Exchange Server to a personal PC via QAX security tools.
NightEagle Hacks Exchange to Target China’s Military

A newly identified advanced persistent threat group known as NightEagle, also tracked as APT-Q-95, has launched a targeted campaign against China’s military and technology sectors, exploiting a vulnerability in Microsoft Exchange servers. Cybersecurity analysts say NightEagle compromises Exchange servers using a zero-day exploit chain, enabling the attackers to infiltrate sensitive networks linked to government and defense operations.

The RedDrip Team at QiAnXin reports that NightEagle has been active since 2023. The group has adjusted its infrastructure and techniques over time, making detection and attribution more difficult. NightEagle targets Exchange environments with precision, focusing its efforts on high-value Chinese targets within strategic industries.

Researchers believe the campaign reflects a broader trend of sophisticated cyber operations aimed at exfiltrating data and disrupting national security assets. Continued monitoring of the threat actor remains critical as the group evolves its tactics.

Read the full report for more technical details and analysis:
https://thehackernews.com/2025/07/nighteagle-apt-exploits-microsoft.html
