#mustang-panda

Information security
from Axios
3 months ago

Exclusive: Suspected Chinese hackers impersonate U.S. briefings in phishing lure

China-linked Mustang Panda used file-based phishing to infect diplomatic and election officials with data-stealing persistent malware, detected by an AI agent at Dream.
Information security
from The Hacker News
3 months ago

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks

Mustang Panda uses an updated COOLCLIENT backdoor in 2025 to steal comprehensive data from infected endpoints, deployed alongside PlugX and LuminousMoth.
Information security
from The Hacker News
4 months ago

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

A Chinese state-sponsored group used politically themed lures and DLL side-loading to deploy the LOTUSLITE backdoor against U.S. government and policy entities.
#toneshell
Information security
from The Hacker News
8 months ago

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

UNC6384 uses captive-portal AitM redirects and a digitally signed STATICPLUGIN downloader to deploy a PlugX (SOGU.SEC) backdoor against diplomats and other targets.