The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group. Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that’s been active since at least 2012, leveraging backdoors such as MgBot (aka POCOSTICK) and Nightdoor (aka NetMM and Suzafk) to harvest sensitive information.

Source: The Hacker News