The Chinese hacking group known as Mustang Panda has leveraged
a previously undocumented kernel-mode rootkit driver to deliver a
new variant of backdoor dubbed TONESHELL in a cyber attack detected
in mid-2025 targeting an unspecified entity in Asia. The findings
come from Kaspersky, which observed the new backdoor variant in
cyber espionage campaigns mounted by the hacking group
targeting
Read more https://thehackernews.com/2025/12/mustang-panda-uses-signed-kernel-driver.html
