2026-04-09 (Thursday): I found a site with inject script for both the #KongTuke and #SmartApeSG campaigns. Only got #SmartApeSG

Zip archive payload: c0d91df99b279ebfd952dadf0d1b94e436defa6bb59752cfad13777187f88553

Saw the same possible data exfiltration traffic to the same server at 89.110.110[.]119:443 that I saw from the previous payload from SmartApeSG campaign I reported on Monday 2026-04-06.