Tag: tencent

2 Attack Reports | 0 Vulnerabilities

Attack reports

Cato CTRL Threat Research: Suspected China-Linked Threat Actor Targets Global Manufacturer with Undocumented TencShell Malware

In April 2026, Cato CTRL identified and blocked an attempted intrusion against a global manufacturing customer involving TencShell, a previously undocumented, Go-based implant derived from the open-source Rshell C2 framework. The activity appeared in traffic associated with a third-party user conne…
tencent
go
china-linked
2026-05-18
cato ctrl
rshell
tencshell
Published: May 18, 2026
Downloadable IOCs: 52

Attackers deploying new tactics in campaign targeting exposed Docker APIs

Datadog Security Researchers recently encountered a new campaign that targets Docker API endpoints publicly exposed without authentication, with the objective of spreading cryptojacking malware. The observed TTPs bear resemblance to those seen in Spinning YARN, another campaign discovered in March …
docker
2024-06-20
xmrig miner
compiler
yarn
docker host
spinning yarn
docker engine
mnt directory
go code
tencent
vurl
exeremo
chkstart
execstartpost
Published: June 20, 2024
Linked vulnerabilities : CVE-2023-22515, CVE-2022-26134
Downloadable IOCs: 37
Click here to see more Attack Reports