A Chinese-speaking threat actor was found exploiting vulnerabilities in South Korean, Chinese, Thai, Taiwanese, and Iranian organizations, where the actor utilized scanning tools like WebLogicScan, Vulmap, and Xray to identify targets.  The Viper C2 framework, Cobalt Strike with TaoWu and Ladon extensions, and the Leaked LockBit 3 builder were employed to deploy malware and encrypt … Continue reading Chinese Hackers’ Toolkit and Activity History EXPOSED