LOWData BreachACTIVE
The Hacker News: Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
April 22, 2026
Incident Summary
A threat actor known as Harvester deployed a Linux variant of the GoGra backdoor and leveraged Microsoft Graph API and Outlook to handle command-and-control communications. The activity targeted entities in South Asia, indicating a campaign that abuses common Microsoft cloud services as part of attacker infrastructure. This matters because legitimate enterprise services can be used to blend malicious traffic into normal communications. Limited public details are available on the specific victims, scope, or any remediation outcomes.
Incident Details
- Type
- Data Breach
- Severity
- LOW
- Status
- ACTIVE
- Date Occurred
- April 22, 2026
#hackernews#security#breach