HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns
ID: ac5d01db-6909-58e0-9d48-769c9c9c4807
STIX ID: report--ac5d01db-6909-58e0-9d48-769c9c9c4807
Feed Name: Securelist by Kaspersky
This report details Kaspersky's analysis of HoneyMyte APT operations across Asia and Europe, describing an updated CoolClient backdoor (DLL sideloading, multi-stage loaders, plugins, keylogging, clipboard and HTTP proxy credential stealing), browser credential stealers for Chromium/Edge/Firefox, PowerShell and batch data‑theft scripts, campaign infrastructure and IOCs to support detection and response.
