Every article I read about the wasp prior to this show (granted, this was only 2 or 3 ones) have all mentioned that it is likely a stage 2/secondary payload/etc. thing. E.g., FOSSBytes say “However, security researchers still don’t know the actual infection vector; they suspect that the malware was spread in systems already controlled by the hackers. So, it could be said that HiddenWasp is being used as a secondary payload.”

Your source/linked article also says “Evidence shows in high probability that the malware is used in targeted attacks for victims who are already under the attacker’s control, […]”

But yes, click‐baity headlines are horrible. :|
- Freso