This dangerous APT has expanded its skills with some new tools - here's what we know

Originally, CoolClient was able to profile and gather system and user details, and record keystrokes. It allowed Mustang panda to upload and delete files, run TCP tunneling and reverse-prosy listening ...
The Hacker News

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks

China-linked Mustang Panda used updated COOLCLIENT malware in 2025 espionage to steal data from government and telecom ...

Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login ...