Threat Group: Earth Estries (also known as Salt Typhoon, GhostEmperor, UNC2286) Threat Type: Advanced Persistent Threat (APT) Exploited Vulnerabilities: Multiple N-day vulnerabilities in Ivanti Connect Secure, Fortinet FortiClient EMS, Sophos Firewall, and Microsoft Exchange Server Malware Used: GHOSTSPIDER backdoor, MASOL RAT, Demodex rootkit, Deed RAT (SNAPPYBEE) Threat Score: High (8.