Threat Intelligence Report

Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack

📅 October 29, 2025 📰 unit42.paloaltonetworks.com 🔍 0 CVE(s) referenced

A suspected nation-state threat actor has deployed a new, highly evasive Windows malware family called Airstalk in a supply chain attack, leveraging trusted mobile device management APIs to covertly exfiltrate sensitive browser data from victim organizations and their clients.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle