{"id":216962,"date":"2026-05-20T03:10:05","date_gmt":"2026-05-20T07:10:05","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/20\/china-linked-hackers-deploy-new-tencshell-malware-against-manufacturer\/"},"modified":"2026-05-20T03:10:08","modified_gmt":"2026-05-20T07:10:08","slug":"china-linked-hackers-deploy-new-tencshell-malware-against-manufacturer","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/20\/china-linked-hackers-deploy-new-tencshell-malware-against-manufacturer\/","title":{"rendered":"China-Linked Hackers Deploy New TencShell Malware Against Manufacturer"},"content":{"rendered":"

China-Linked Hackers Deploy New TencShell Malware Against Manufacturer<\/a><\/p>\n

https:\/\/www.infosecurity-magazine.com\/news\/china-hackers-tencshell-malware\/<\/a><\/p>\n

Publish Date: 2026-05-19 00:36:15<\/a><\/p>\n

Source Domain: www.infosecurity-magazine.com<\/a><\/p>\n

Summary:<\/strong>
\nResearchers at Cato Networks\u2019 Cyber Threats Research Lab (CTRL) discovered an undocumented malware implant, suspected to be affiliated with a China-linked actor, during their handling of an intrusion attempt targeting the Indian branch of a global manufacturing firm in April 2026. Although the Cato CTRL team successfully thwarted the attack, they uncovered suspicious traffic tied to a third-party user in the customer\u2019s environment. The operation employed multiple advanced techniques, including a first-stage dropper (Donut shellcode), masquerading a.woff web-font resource, memory injection, and web-like command-and-control (C2) communication. The attackers aimed to install a Go-based implant named \u2018TencShell,\u2019 derived from the open-source Rshell framework and customized to fit the operation\u2019s requirements. Although Cato CTRL highlighted that – The generated text has been blocked by our content filters.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

China-Linked Hackers Deploy New TencShell Malware Against Manufacturer https:\/\/www.infosecurity-magazine.com\/news\/china-hackers-tencshell-malware\/ Publish Date: 2026-05-19 00:36:15 Source Domain:…<\/p>\n","protected":false},"author":1,"featured_media":216963,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/ae43e1a3-6a82-4650-8db1-1848ff15870a.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[32],"class_list":["post-216962","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-malware"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216962"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=216962"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216962\/revisions"}],"predecessor-version":[{"id":216964,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216962\/revisions\/216964"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/216963"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=216962"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=216962"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=216962"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}