Researchers at Mandiant caught the hacking group APT41 breaking into shipping, logistics, and automotive organizations in Europe and Asia. APT41 is a Chinese government-backed hacking group and is also known as Barium, Wicked Panda, and Winnti. Mandiant warns that APT41 has maintained unauthorized access to some of these organizations since at least 2023. In these attacks, the hacking group is using web shells on Tomcat Apache Manager servers to deploy a backdoor. This allows for command-and-control communications. Mandiant has published a list with indicators of compromise and forensics data to help organizations determine if they have been infiltrated by APT41.