The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan (RAT) tracked as HoldingHands RAT (aka Gh0stBins). "The campaign relied on phishing emails with PDFs that contained embedded malicious links," Pei Han Liao, researcher with Fortinet's FortiGuard
![]()
source https://thehackernews.com/2025/10/silver-fox-expands-winos-40-attacks-to.html
source https://thehackernews.com/2025/10/silver-fox-expands-winos-40-attacks-to.html