The Hacker News

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...
The Hacker News

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.
WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage ...
GitHub

mssql-clr

A single stored procedure transformed into a multi-functional tool like a Swiss Army knife after exploitation — an attack-focused SQL CLR toolset: file system control, payload preparation, privilege ...
GitHub

potato-exploits

A single stored procedure transformed into a multi-functional tool like a Swiss Army knife after exploitation — an attack-focused SQL CLR toolset: file system control, payload preparation, privilege ...
pharmaphorum

2nd ADC Payload Summit

With novel payload categories such as degraders, RNA polymerase II inhibitors, immunomodulators, gene silences, and splice modulators entering the clinic, don't miss this opportunity to meet with ...