Ghost RAT

China-Linked Actor Turns Velociraptor Into Ransomware Beachhead, Cisco Talos Warns

Researchers say the crew abused a privilege‑escalation bug in an outdated DFIR build to persist on servers, enabling mass encryption across VMware and Windows.