State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
These campaigns, targeting Mongolian government websites, involved the reuse of n-day exploits previously linked to commercial surveillance vendors (CSVs) Intellexa and NSO Group. The attackers, suspected to be Russian government-backed APT29.