The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia.
« This threat actor used Visual Studio Code’s embedded reverse shell feature to gain a foothold in target networks, » Palo Alto Networks Unit 42 researcher Tom Fakterman said in a