Chinese state hackers use rootkit to hide ToneShell malware activity
From BleepingComputer to All on Mon Dec 29 19:44:34 2025
A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations. [...]