Chinese nation-state group APT41 targeted an unnamed Taiwanese media firm to deploy Google Command and Control (GC2), an open-source red teaming tool - revealed Google’s TAG. To initiate the attack, the attackers sent phishing emails with links to password-protected files hosted on Google Drive.