1. Home

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

  • Posted on December 30, 2025
  • By The Hacker News
  • 1 Views
Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security tools.
continue reading...

Author
The Hacker News

You May Also Like