83 matches found
Leading Myanmar Fleet Management Company Yoma Fleet Selects AccuKnox SIEM to Replace Legacy Tools
Menlo Park, USA, 10th March 2026, CyberNewswire...
Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor
The Chinese hacking group known as Mustang Panda (aka HoneyMyte) has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber attack detected in mid-2025 targeting an unspecified entity in Asia. The findings come from Kaspersky,...
The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor
Overview of the attacks: In mid-2025, we identified a malicious driver file on computer systems in Asia. The driver file is signed with an old, stolen, or leaked digital certificate and registers as a mini-filter driver on infected machines. Its end-goal is to inject a backdoor Trojan into the...
The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’
Myanmar’s military has been blowing up parts of the KK Park scam compound. Experts say the actions are likely for show...
EUVD-2014-7388
Malware in sbrugna...
ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Bots
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific (APAC). According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration...
493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds
Scam compounds in Cambodia, Myanmar, and Laos have conned people out of billions. New research shows they may be linked to child sextortion crimes too...
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the threat actors to increase the sophistication and effectiveness of their malware. Thi...
Elon Musk’s Starlink Is Keeping Modern Slavery Compounds Online
A WIRED investigation reveals that criminals who make billions from scam compounds in Myanmar—where tens of thousands of people are enslaved—are using Starlink to get online...
China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz
The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November...
US Agencies Urged to Patch Ivanti VPNs That Are Actively Being Hacked
Plus: Microsoft says attackers accessed employee emails, Walmart fails to stop gift card fraud, “pig butchering” scams fuel violence in Myanmar, and more...
Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. Indian security firm under scrutiny, according to an in-depth analysis from SentinelOne, began as a...
They Supported Air Strike Victims. Then They Were Doxed and Arrested
Myanmar’s military junta is increasing surveillance and violating basic human rights. The combination of physical and digital surveillance is reaching dangerous new levels...
PT-2023-35766 · Google · Google Myanmar Tools
Name of the Vulnerable Software and Affected Versions: google myanmar tools affected versions not specified Description: The issue is related to a crash in the ZawgyiDetector component of google myanmar tools. The crash occurs due to an unknown read error. Technical details about the crash includ...
Chinese Hackers Targeting European Entities with New MQsTTang Backdoor
The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an ongoing social engineering campaign that commenced in January 2023. "Unlike most of the group's malware, MQsTTang doesn't seem to be based on existing families or publicly...
Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps
Chinese-speaking individuals in Southeast and East Asia are the targets of a new rogue Google Ads campaign that delivers remote access trojans such as FatalRAT to compromised machines. The attacks involve purchasing ad slots to appear in Google search results and direct users looking for popular...
Myanmar’s Fight for Democracy Is Now a Scrap Over Phone Records
Norwegian telecoms giant Telenor wants to leave Myanmar. Activists say its exit risks putting their data—and their freedom—at risk...
Hackers Targeting Myanmar Use Domain Fronting to Hide Malicious Activities
A malicious campaign has been found leveraging a technique called domain fronting to hide command-and-control traffic by leveraging a legitimate domain owned by the Myanmar government to route communications to an attacker-controlled server with the goal of evading detection. The threat, which wa...
Attackers use domain fronting technique to target Myanmar with Cobalt Strike
By Chetan Raghuprasad, Vanja Svajcer and Asheer Malhotra. News Summary: Cisco Talos discovered a new malicious campaign using a leaked version of Cobalt Strike in September 2021. This shows that Cobalt Strike, although it was originally created as a legitimate tool, continues to be something... Th...
Fake Zoom App Dropped by New APT ‘Luminous Moth’
Researchers have spotted a weird one: A newly identified threat actor linked to China that’s first mass-attacking, but then cherry-picking, just a few targets to hit with malware and data exfiltration. Kaspersky researchers said in a Wednesday writeup that they’ve named the advanced threat actor...