TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
View original
The Hacker News avatar

TGINSIGHT POST

Post #8129

@thehackernews

The Hacker News

Views13,900Post view count
PostedDec 3012/30/2025, 08:39 AM
Post content

Post content

πŸ›‘ Mustang Panda is deploying TONESHELL via a kernel-mode rootkit driver. The signed driver loads before antivirus tools, injects the backdoor into system processes, and blocks security visibility. πŸ”— Read β†’ https://thehackernews.com/2025/12/mustang-panda-uses-signed-kernel-driver.html