The Threat CodexMay 6
UAT-8302 and its box full of malware
#UAT_8302 #NetDraft #Vshell #SNOWLIGHT #SNAPPYBEE #Zingdoor
https://blog.talosintelligence.com/uat-8302/
UAT-8302 and its box full of malware

Cisco Talos is disclosing UAT-8302, a sophisticated, China-nexus advanced persistent threat (APT) group targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025.

Cisco Talos Blog
The Threat CodexOct 21, 2025
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
#SaltTyphoon #SNAPPYBEE
https://www.darktrace.com/blog/salty-much-darktraces-view-on-a-recent-salt-typhoon-intrusion
Benjamin Carr, Ph.D. 👨🏻‍💻🧬Nov 26, 2024
#SaltTyphoon hackers backdoor #telcos with new #GhostSpider #malware
The backdoor was discovered by Trend Micro, which has been monitoring Salt Typhoon's attacks against critical infrastructure and government organizations worldwide.
Along with GhostSpider, Trend Micro discovered that the threat group also uses a previously documented #Linux backdoor named '#MasolRAT,' a #rootkit named '#Demodex,' and a modular backdoor shared among #China #APT groups named '#SnappyBee.'
https://www.bleepingcomputer.com/news/security/salt-typhoon-hackers-backdoor-telcos-with-new-ghostspider-malware/
Salt Typhoon hackers backdoor telcos with new GhostSpider malware

The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new "GhostSpider" backdoor in attacks against telecommunication service providers.

BleepingComputer
The Threat CodexNov 25, 2024
Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions
#EarthEstries #DEMODEX #GHOSTSPIDER #MASOLRAT #SNAPPYBEE
https://www.trendmicro.com/en_us/research/24/k/earth-estries.html
Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions

Trend Micro