FlagThis

The Winnti hacking group is using a new PHP backdoor called ‘Glutton’. This backdoor is being used in attacks targeting organizations in both China and the United States. Additionally, Winnti is also targeting other cybercriminals, indicating a shift in their focus and tactics. The use of the Glutton backdoor is a concerning development as it demonstrates the group’s ability to adapt and create new tools for their operations.