UNC6508, a PRC-linked threat group, exploited REDCap research data platform deployments to gain initial access at North American defense, medical, and academic research institutions, operating undetected for over a year. The group deployed custom malware (INFINITERED) and used a previously undocumented technique of manipulating enterprise email compliance rules to exfiltrate data. No CVE has been assigned; specific affected REDCap versions have not been publicly disclosed. Organizations conducting defense, Indo-Pacific, AI, or clinical research face the highest risk of prior compromise.