Hackread.comMay 5, 2025

🚨 Chinese APT group ‘TheWizards’ is exploiting IPv6 spoofing with a new tool called #Spellbinder to drop the WizardNet backdoor via hijacked software updates.

Read: https://hackread.com/chinese-thewizards-exploits-ipv6-wizardnet-backdoor/

#Cybersecurity #APT #Malware #IPv6 #WizardNet

Chinese Group TheWizards Exploits IPv6 to Drop WizardNet Backdoor

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The Threat CodexApr 30, 2025
TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks
#TheWizards #Spellbinder #WizardNet
https://www.welivesecurity.com/en/eset-research/thewizards-apt-group-slaac-spoofing-adversary-in-the-middle-attacks/
TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks

ESET researchers publish an analysis of Spellbinder, a lateral movement tool used to perform adversary-in-the-middle attacks.