#mustang-panda

[ follow ]
#cyber-espionage #dll-side-loading #spear-phishing #toneshell #cybersecurity #coolclient #rootkit #lotuslite
Information security
fromThe Hacker News
5 days ago

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks

Mustang Panda uses an updated COOLCLIENT backdoor in 2025 to steal comprehensive data from infected endpoints, deployed alongside PlugX and LuminousMoth.
Information security
fromThe Hacker News
2 weeks ago

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

A Chinese state-sponsored group used politically themed lures and DLL side-loading to deploy the LOTUSLITE backdoor against U.S. government and policy entities.
#toneshell
more#toneshell
Information security
fromThe Hacker News
5 months ago

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

UNC6384 uses captive-portal AitM redirects and a digitally signed STATICPLUGIN downloader to deploy a PlugX (SOGU.SEC) backdoor against diplomats and other targets.
#cybersecurity
fromThe Hacker News
7 months ago
Privacy professionals

PUBLOAD and Pubshell Malware Used in Mustang Panda's Tibet-Specific Attack

Mustang Panda is targeting the Tibetan community with cyber espionage campaigns using tailored spear-phishing tactics.
fromThe Hacker News
9 months ago
Web frameworks

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

Mustang Panda has updated its malware toolkit to enhance cyber attack effectiveness, targeting organizations with advanced techniques.
more#cybersecurity
[ Load more ]