Cybersecurity researchers uncover a sophisticated cyber campaign named UNK_SweetSpecter targeting US AI organizations, utilizing the SugarGh0st RAT, historically linked to Chinese-speaking threat actors, repurposed for AI-related entities. The attacks distribute AI-themed lures via a free email account with attached zip archives, following an infection chain similar to one identified by Cisco Talos. The campaign shows agility by shifting C2 communications to a new domain, account
gommask[.]online, highlighting highly targeted operations. The attackers focus on AI experts amidst US-China tensions over AI access, suggesting potential motives related to Chinese development goals. ```https://www.infosecurity-magazine.com/news/sugargh0st-rat-targeted-ai/