APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
24.11.2025

APT24 and Autumn Dragon launch multi-year espionage campaigns using BADAUDIO, supply chain attacks, and new CVE-2025-8088 exploits.

APT24 and Autumn Dragon are running multi-year espionage campaigns that are absolutely wild — they're hitting Taiwan hard and compromising over 1,000 domains. These aren't your average script kiddies — we're talking sophisticated state-level ops.
They're deploying BADAUDIO malware (yes, that's the actual name), launching supply chain attacks that would make your security team sweat, and exploiting a brand new vulnerability — CVE-2025-8088. This isn't just another Tuesday in cybersecurity — this is next-level persistent threat activity that's been running for years.
The scale is massive — we're talking about infrastructure spanning 1,000+ domains being used in these campaigns. Taiwan is getting absolutely hammered as the primary target, but the infrastructure suggests this could be hitting way more targets globally.
BADAUDIO is particularly nasty — it's designed to evade detection while maintaining persistent access to compromised systems. The supply chain attacks mean they're hitting the software you trust, and CVE-2025-8088 is their latest weapon in the arsenal.
This is the kind of operation that keeps CISOs up at night — sophisticated, persistent, and targeting critical infrastructure and government entities. If you're in security, you need to be looking for these TTPs yesterday.

