The Earth Baxia Advanced Persistent Threat (APT) group, suspected to be operating from China, is engaged in cyber espionage operations targeting government entities and organizations in the Asia-Pacific (APAC) region. Their tactics involve sophisticated spearphishing campaigns, leveraging vulnerabilities like CVE-2024-36401, and tools like Cobalt Strike to gain access and exfiltrate data. The group’s actions highlight a growing concern about state-sponsored cyber espionage, particularly in Taiwan and neighboring countries.