Seqrite Labs has documented Operation Dragon Weave, a China-aligned cyber-espionage campaign targeting government, research, academic, technology, and financial-services organizations in the Czech Republic and Taiwan. Spear-phishing emails carry ZIP attachments that trigger one of two infection chains: a malicious LNK file masquerading as a PDF that runs PowerShell, or a self-contained Rust dropper launched directly. Both extract RuntimeBroker_update.exe, which DLL-sideloads a malicious UnityPlayer.dll to deploy a Rust loader called RUSTCLOAK. RUSTCLOAK decrypts and runs the final payload, an AdaptixC2 agent codenamed AZUREVEIL that uses Microsoft Azure Blob Storage for command-and-control. The use of legitimate cloud services for C2 and Rust tooling complicates detection.