Black & White Path

Apr 29, 2026 · Information Security

Supply Chain Attack on SumatraPDF Targeting Chinese Users

A sophisticated supply‑chain intrusion discovered by Zscaler ThreatLabz weaponizes a tampered SumatraPDF binary, uses a custom AdaptixC2 beacon hidden in GitHub, and leverages Visual Studio Code tunnels to gain persistent remote access on Chinese‑language systems.