The Hacker News

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.
The Hacker News

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...
SecurityWeek

Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit

The China-linked Mustang Panda APT has been using a kernel-mode rootkit in attacks leading to ToneShell backdoor deployments.
GitHub

mssql-clr

A single stored procedure transformed into a multi-functional tool like a Swiss Army knife after exploitation — an attack-focused SQL CLR toolset: file system control, payload preparation, privilege ...
GitHub

potato-exploits

A single stored procedure transformed into a multi-functional tool like a Swiss Army knife after exploitation — an attack-focused SQL CLR toolset: file system control, payload preparation, privilege ...