Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Posted on October 8, 2025 • 1 min read • 68 words
Hackernews
Hackernews
Share via

Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets. The activity, observed by cybersecurity company Huntress in August 2025, is characterized by the use of an unusual technique

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Read on Hackernews

Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets. The activity, observed by cybersecurity company Huntress in August 2025, is characterized by the use of an unusual technique called log poisoning (aka log injection) to plant a web shell on a web

Follow Us

Everything coding, technology, and digital Life