Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.

DarkSpectre quietly infected millions through seemingly legit browser extensions

The researchers initially discovered DarkSpectre while investigating ShadyPanda, a campaign based on popular Chrome and Edge extensions that infected over four million devices. Further analysis ...