LOWData BreachACTIVE

The Hacker News: Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

April 22, 2026

Incident Summary

Cybersecurity researchers have discovered a new variant of the LOTUSLITE malware distributed via a theme related to India’s banking sector. The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access. The described targeting includes India banks and South Korea policy circles. The input does not provide details showing a confirmed breach of Continue.dev or the company Continue, or the scope of any impact to its users. Limited public details available in the provided text beyond the malware description and targeting.

Incident Details

Type: Data Breach
Severity: LOW
Status: ACTIVE
Date Occurred: April 22, 2026

Affected Industries

Finance Government

External Sources

https://thehackernews.com/2026/04/mustang-pandas-new-lotuslite-variant.html

Back to Continue.dev risk profile