home.social

#mustangpanda — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #mustangpanda, aggregated by home.social.

  1. Mustang Panda Unveils Modular FDMTP Backdoor in Cyberespionage Push

    Cyberespionage groups like Mustang Panda are constantly evolving their tactics, and a recent campaign has seen the emergence of a modular backdoor that allows attackers to adapt and persist in compromised environments. This sophisticated tool enables hackers to blend in with legitimate processes, making it a major concern for security…

    osintsights.com/mustang-panda-

    #Cyberespionage #ModularBackdoor #Fdmtp #MustangPanda #EarthPreta

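  2. quote:
    #DreamSecurity determined that this wave of attacks was launched by the Chinese cyber-espionage group #MustangPanda. The group uses headline news or major issues from various countries as lures to steal state secrets and lurk inside US government agencies.

    #APT

    #China #hackers target diplomatic officials worldwide by sending fake US policy documents; opening one results in compromise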
    cna.com.tw/news/aopl/202602040

  3. 💔 10M Dating App Users Exposed in Match Group Breach 💔

    ShinyHunters cybercrime group claims to have stolen over 10 million records from Match Group (NASDAQ: MTCH), owner of Tinder, Hinge, Match.com, and OkCupid. The alleged breach, posted January 28, 2026, includes user behavioral data from Appsflyer analytics (swipes, matches, sessions, geo-locations), hundreds of internal corporate documents, and highly sensitive personal information including romantic preferences. The 1.76GB compressed dump appears linked to ShinyHunters' broader Okta voice-phishing campaign that has already compromised Crunchbase, Betterment, and SoundCloud.

    Sources:
    - x.com/justabreach/status/20164
    - ransomware.live/id/TWF0Y2ggR3J
    - cybernews.com/security/hinge-o
    - darknetsearch.com/knowledge/ne
    - binance.com/en/square/post/01-

    #Tinder #PlentyofFish #Hinge #OKCupid #Match.com
    -----------------

    🐴 Chinese APT Upgrades Backdoor with Browser Stealers 🐼

    Chinese espionage group Mustang Panda (aka HoneyMyte) has updated its CoolClient backdoor to steal login credentials from Chrome, Edge, and Chromium-based browsers while monitoring clipboard activity. Kaspersky researchers observed the malware targeting government entities in Myanmar, Mongolia, Malaysia, Russia, and Pakistan throughout 2025. The backdoor was deployed via compromised legitimate software from Sangfor, a Chinese cybersecurity company, and uses hardcoded API tokens for Google Drive and Pixeldrain to exfiltrate stolen data.

    Sources:
    - bleepingcomputer.com/news/secu
    - securelist.com/honeymyte-updat

    #China #CoolClinet #Chrome #Edge #MustangPanda
    -----------------

    🚨 DHS Agents Doxxed: ICE List Leaks Thousands of Federal Employee Details 🚨

    A whistleblower allegedly leaked data on ~4,500 DHS employees (ICE, Border Patrol) to a site called ICE List, exposing names, emails, phone numbers, and job info. While some data came from scraping LinkedIn, centralizing it creates a dangerous attack surface for harassment and phishing. Meta is now blocking links to the site across all platforms.

    Sources:
    - x.com/justabreach/status/20160
    - wired.com/story/meta-is-blocki
    - wired.com/story/ice-agents-are
    - police1.com/officer-safety/ice
    - scworld.com/brief/suspected-ru

    #ICE #Minneapolis #Immigration #DOXED #BorderPatrol
    -----------------

  8. 🚨 PlugX & Bookworm RATs resurface in Asia’s telecom + ASEAN networks.
    🔹 PlugX overlaps w/ Naikon + BackdoorDiplomacy
    🔹 Bookworm = Mustang Panda’s long-lived modular RAT
    🔹 DLL side-loading, RC4 key reuse, stealthy C2
    💬 Do overlaps between APT toolkits weaken attribution?
    👉 Follow @technadu for sharp threat intel.

    #PlugX #Bookworm #MustangPanda #Naikon #BackdoorDiplomacy #ASEAN #APT #ThreatIntel #CyberSecurity #TechNadu

  11. ☠️ ⛓️‍💥 In a novel attack chain, the threat group #MustangPanda has been combining legitimate components with malicious payloads to reduce likelihood of detection. 😨 Needless to say, it's important for #security teams to know how to spot Mustang Panda’s use of MAVInject in campaigns. 🔍

    Follow along in our latest #GraylogLabs article as we emulate an infection chain and analyze the activity it produces in #Graylog. 👁️‍🗨️ We'll walk you through:
    ⚔️ An attack overview
    🗝️ The key elements
    😬 Persistence
    🦹 Emulating the Adversary
    🔍 Detections
    💡 Indicators

    Read on to also learn threat hunting and detection approaches that you can apply in your own environments! 🙌 👇

    graylog.org/post/adversary-tra #threathunting #cybersecurity #infosec

  12. The #FBI has mass-removed the #PlugX #malware from infected US computers. The infections were attributed to #MustangPanda (aka #TwillTyphoon).

    Remember, this is just one botnet of #PlugX; it's still used in the wild by many other threat actor groups.

    For you #DFIR folks, ensure you know how to go #ThreatHunting for DLL-Side Loading to find #PlugX in your network.

    bleepingcomputer.com/news/secu
    #IncidentResponse