ShadowPad
-
DKnife targets network gateways in long-running AitM campaign
DKnife is a modular adversary-in-the-middle framework that has operated on network gateways since at least 2019. It inspects and manipulates traffic to hijack updates and deliver malware to downstream devices.
-
China-linked Ink Dragon group targets European government networks, Check Point says
Check Point Research says a China-linked hacking cluster known as Ink Dragon has focused on European government targets since July 2025, using web shells, ShadowPad relays and modular tooling including FINALDRAFT to maintain stealthy, long-term access across multiple regions.
-
New Variants of SparrowDoor Malware Linked to Chinese Threat Actor FamousSparrow
The Chinese hacking group FamousSparrow has been linked to recent cyber attacks involving new variants of the SparrowDoor malware and the ShadowPad backdoor, targeting a U.S. trade group and a Mexican research institute.
