A China-associated advanced persistent threat (APT) collective referred to as TheWizards is connected to a lateral movement utility known as Spellbinder, which can support adversary-in-the-middle (AitM) incursions.
“Spellbinder allows for adversary-in-the-middle (AitM) intrusions, utilizing IPv6 stateless address autoconfiguration (SLAAC) impersonation, to traverse laterally within the infiltrated network, capturing packets and