SideWinder APT uses 20 infrastructure nodes across 8 PaaS platforms to target MHIL, Pakistan Air Force, Bangladesh Navy, and 4 more organizations. Dual password harvest steals credentials twice. Confirmed victim: MHIL project coordinator. Campaign parameter reused for 5 months.