New Threat Actor Targets Bulgaria, China, Vietnam, and Other Countries With Customized Yashma Ransomware

The threat actor behind this operation uses an uncommon technique of downloading the ransom note from a GitHub repository, evading detection by embedding it in an embedded batch file.