Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Also known as: FamousSparrow, UNC2286, Salt Typhoon, RedMike, OPERATOR PANDA, GhostEmperor, Earth Estries
GhostEmperor is a Chinese-speaking threat actor that targets government entities and telecom companies in Southeast Asia. They employ a Windows kernel-mode rootkit called Demodex to gain remote control over their targeted servers. The actor demonstrates a high level of sophistication and uses various anti-forensic and anti-analysis techniques to evade detection. They have been active for a significant period of time and continue to pose a threat to their targets.
| CVE ID | Action |
|---|---|
| CVE-2014-7169 | View Details |
| CVE-2016-6662 | View Details |
| CVE-2018-0171 | View Details |