Beijing's RedNovember hacked critical US, global orgs
RedNovember exploited internet-facing appliance vulnerabilities from June 2024–July 2025 to deploy Pantegana and other tools against governments and critical private sectors worldwide.
Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike
Chinese state-sponsored group RedNovember (aka Storm-2077) targeted global government and private organizations using Pantegana and Cobalt Strike to exploit perimeter appliances.