Cisco Talos reports China-linked APT UAT-8837 targeting North American critical infrastructure via a Sitecore zero-day, abusing Active Directory and R.