As many as 85 command-and-control (C2) servers have beendiscoveredsupported by the ShadowPad malware since September 2021, with infrastructure detected as recently as October 16, 2022. That’s according to VMware’s Threat Analysis Unit (TAU), whichstudiedthree ShadowPad variants using TCP, UDP, and HTTP(S) protocols for C2 communications. ShadowPad, seen as a successor toPlugX, is a modular