A China-linked threat actor sustained multi-year covert access to military and defense organizations across Southeast Asia, deploying previously undocumented backdoor malware to collect intelligence over an extended period. The campaign demonstrates a deliberate, patient collection posture targeting sensitive defense data in a strategically significant region, suggesting state-directed espionage objectives rather than opportunistic intrusion. Organizations with defense, government, or critical infrastructure ties in Southeast Asia face elevated risk of undetected long-term compromise.