A threat actor tracked as **PCPJack** has quietly compromised at least 230 cloud servers across Amazon Web Services, Google Cloud Platform, and Microsoft Azure, repurposing them as a covert SMTP email