VSOCK

CISA has published technical details of BRICKSTORM, a Golang backdoor used by PRC-linked threat actors to maintain stealthy, long-term access to VMware vSphere and Windows environments; CrowdStrike and other firms link the tool to UNC5221 and Warp Panda, while the Chinese embassy has denied the allegations.