By Ionut Arghire

The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor.

The post Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit appeared first on SecurityWeek.


Source: SecurityWeek

