🚨 China-linked APT41 breached African gov IT networks using internal SharePoint servers as C2.

The attack used stolen admin creds, DLL sideloading, and fake GitHub domains—marking rare APT41 activity in Africa.

CheckDot is SAFU #dyor on CheckDot 🤝