Home/Tag/China Apt

China Apt

5 articles tagged with "China Apt"

Malware5 min read

Rapid7 Links Notepad++ Breach to Lotus Blossom APT

Rapid7 attributes the six-month Notepad++ supply chain compromise to Chinese APT Lotus Blossom, revealing a custom Chrysalis backdoor and three distinct infection chains.

James RiveraFeb 6, 2026

Threat Intelligence4 min read

Mustang Panda Upgrades COOLCLIENT With Browser Credential Theft

Chinese APT adds clipboard monitoring, browser stealing, and enhanced plugins to its long-running backdoor. Government entities in Asia remain primary targets.

Alex KowalskiJan 29, 2026

Vulnerabilities4 min read

Cisco Patches Email Gateway Zero-Day Exploited by Chinese APT

AsyncOS fixes released for CVE-2025-20393 after weeks of active exploitation. Compromised appliances require full rebuild to remove persistent backdoors.

Marcus ChenJan 16, 2026

Threat Intelligence4 min read

Chinese APT Used VMware ESXi Zero-Days to Escape VMs

Huntress researchers discover 'MAESTRO' toolkit exploiting three VMware vulnerabilities. Attackers chained SonicWall VPN access with hypervisor escape to deploy persistent backdoors.

Alex KowalskiJan 13, 2026

Threat Intelligence4 min read

Mustang Panda Deploys Kernel-Mode Rootkit to Conceal TONESHELL Backdoor

Chinese APT uses stolen certificate to sign malicious driver that disables security tools. First documented case of TONESHELL delivered via kernel-mode loader.

Alex KowalskiDec 30, 2025