Blog Home
Company
Marketplace

The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Infect Once, Spread Everywhere: CanisterWorm and the Automation of Supply Chain Compromise

Mar 31, 2026 11:07:10 AM / by The Hivemind posted in Threat Bulletin, DevSecOps security, decentralized C2, ICP malware, CanisterWorm, CI/CD compromise, Kubernetes security, software supply chain attack, npm malware, TeamPCP, container security, token harvesting malware

0 Comments

Related Families: CanisterWorm

Subscribe to Email Updates

Recent
Popular
Categories

Lists by Topic

Threat Bulletin (385)
Ransomware (83)
Linux (34)
Android (33)
Emerging Threat (31)
China (29)
PolySwarm (29)
Russia (29)
Backdoor (26)
Espionage (25)
Evolving Threat (24)
Ukraine (24)
Product (23)
Government (22)
Infostealer (21)
Critical Infrastructure (20)
Stealer (20)
North Korea (18)
Windows (17)
MacOS (16)
RAT (16)
Energy (15)
Healthcare (15)
Malware (15)
Mobile (15)
Partner (15)
Cryptocurrency (14)
Explained (14)
Financial (14)
Trojan (14)
Loader (11)
LockBit (11)
Research (11)
ALPHV (10)
Iran (10)
Middle East (10)
Banking Trojan (9)
Blockchain (9)
Telecommunications (9)
APT (8)
Android Malware (8)
Asia (8)
Banker (8)
Banking (8)
Engine (8)
Spyware (8)
2022 Recap (7)
APAC (7)
Botnet (7)
Data Exfiltration (6)
Media (6)
TTPs (6)
Wiper (6)
2024 (5)
Charming Kitten (5)
Cl0p (5)
DDoS (5)
Europe (5)
Fancy Bear (5)
India (5)
Insider (5)
Mac (5)
Phishing (5)
Press (5)
Rhysida (5)
Spear Phishing (5)
credential theft (5)
cyber espionage (5)
2023 Recap (4)
BlackCat (4)
Cobalt Strike (4)
Cryptocurrency Theft (4)
DLL sideloading (4)
Data Theft (4)
INC (4)
IcedID (4)
Linux Malware (4)
Lockbit 3.0 (4)
Malware-As-A-Service (4)
Manufacturing (4)
Mirai (4)
Primitive Bear (4)
Royal (4)
Static Kitten (4)
Technology (4)
Threat Hunting (4)
Wicked Panda (4)
Windows Malware (4)
Winnti (4)
overlay attacks (4)
social engineering (4)
2023 (3)
APT41 (3)
Aerospace (3)
Akira Ransomware (3)
Android banking trojan (3)
BPFDoor (3)
Babuk (3)
Black Basta (3)
BlackSuit (3)
Bumblebee (3)
Cerber (3)
Conti (3)
Cozy Bear (3)
Cryptominer (3)
Cybercrime (3)
Defense (3)
ESXi (3)
Education (3)
Evasive Panda (3)
Events (3)
Extortion (3)
Gaza (3)
Hacktivism (3)
Hive (3)
ICS (3)
Interview (3)
Israel (3)
Lazarus (3)
Leadership (3)
MENA (3)
MOVEit (3)
MacOS malware (3)
Malware Analysis (3)
Military (3)
Muddy Water (3)
MuddyWater (3)
Mustang Panda (3)
Pakistan (3)
Palestine (3)
Phishing Campaigns (3)
PowerShell (3)
Python (3)
RansomHub (3)
Recap (3)
Red Menshen (3)
RedLine Stealer (3)
Remote Access Trojan (3)
SpyNote (3)
StealC (3)
Volt Typhoon (3)
VooDoo Bear (3)
accessibility service abuse (3)
double extortion (3)
information stealer (3)
2FA (2)
AES-256-CBC encryption (2)
APT35 (2)
APT36 (2)
Accessibility Services abuse (2)
AcidRain (2)
Akira (2)
Anatsa (2)
Android Overlay Attacks (2)
Android Spyware (2)
Apple (2)
Armageddon (2)
AsyncRAT (2)
Atomic macOS Stealer (2)
Belarus (2)
BiBi-Linux (2)
Bitter APT (2)
BlackBasta (2)
BlackByte (2)
Brunhilda (2)
BunnyLoader (2)
C2 framework (2)
CAPTCHA (2)
CVE-2023-22518 (2)
CVE-2023-34362 (2)
CVE-2024-40766 (2)
CaddyWiper (2)
Cadet Blizzard (2)
CapraRAT (2)
CastleLoader (2)
ClayRAT (2)
ClickFix (2)
Crocodilus (2)
Cross-Platform Ransomware (2)
Cuba (2)
Cyber Warfare (2)
Cybersecurity (2)
DDoS Attacks (2)
DanaBot (2)
Deed RAT (2)
Disbuk (2)
Discord (2)
Downloader (2)
DragonForce (2)
DroxiDat (2)
Emotet (2)
Ermac (2)
Famous Chollima (2)
Gallium (2)
Gameredon (2)
Gaming (2)
Hamas (2)
HermeticWiper (2)
IRGC cyber operations (2)
Industroyer2 (2)
IoT (2)
Killnet (2)
Kimsuky (2)
Knight (2)
Kopiluwak (2)
LNK (2)
Labyrinth Chollima (2)
Latin America (2)
Latrodectus (2)
Lazarus Group (2)
Linux backdoor (2)
LummaC2 (2)
MOIS (2)
MaaS (2)
Medusa (2)
Microsoft (2)
Middle East targeting (2)
Mobile Security (2)
NCT (2)
Nuclear (2)
ONG (2)
Oil & Gas (2)
Phishing Attacks (2)
Phishing Campaign (2)
Phobos (2)
PingPull (2)
Play (2)
Poland (2)
PowerShell malware (2)
Predictions (2)
QNAP (2)
Qbot (2)
REvil (2)
Ransomware Campaign (2)
RedStinger (2)
Redline (2)
Remcos RAT (2)
Rhadamanthys (2)
Ricochet Chollima (2)
Rust (2)
Rust Malware (2)
SSL VPN (2)
Salt Typhoon (2)
Sandworm (2)
Security (2)
Sidewinder (2)
Silent Chollima (2)
SonicWall VPN (2)
Speaking (2)
Star Blizzard (2)
Stardust Chollima (2)
Supply Chain Attack (2)
SystemBC (2)
Threat Bounty (2)
Threat Landscape (2)
Transportation (2)
Turla (2)
US (2)
VBA macros (2)
Venomous Bear (2)
Voodoobear (2)
Vultur (2)
WhisperGate (2)
Wiper Malware (2)
Xloader (2)
YoroTrooper (2)
anti-analysis techniques (2)
credential stealers (2)
cryptocurrency stealers (2)
device takeover (2)
framework (2)
keylogger (2)
lockscreen bypass (2)
macOS security (2)
malware obfuscation (2)
mobile threat evolution (2)
on-device fraud (2)
.NET DNS Backdoor (1)
.NET Malware (1)
2024 Recap (1)
2025 malware trends (1)
64-bit (1)
8base (1)
AHKBOT (1)
AI Server Security (1)
AI agent supply chain attack (1)
AI cybersecurity threats (1)
AI-enabled malware (1)
AI-generated malware (1)
AI-generated trojans (1)
AI-powered ransomware (1)
AIRASHI (1)
AIS manipulation (1)
AMOS info stealer (1)
AMOS malware (1)
API Hashing (1)
APK (1)
APT 38 (1)
APT 45 (1)
APT techniques (1)
APT24 (1)
APT27 (1)
APT28 (1)
APT29 (1)
APT33 (1)
APT37 (1)
APT42 (1)
AWS (1)
AWS EC2 outage (1)
AWS data center attack (1)
AWS outage Middle East (1)
AXLocker (1)
AcidPour (1)
AdaptixC2 (1)
Administrative Console (1)
Adware (1)
Agenda Ransomware (1)
AhMyth (1)
AhRAT (1)
AirWatch API (1)
Airstalk Malware (1)
Aisuru variant (1)
Ajina (1)
Albiriox (1)
Amadey (1)
Andariel (1)
Android Security (1)
Android evasion techniques (1)
Android surveillanceware (1)
Andromeda (1)
Androxgh0st (1)
App Store (1)
Apple Silicon evasion (1)
AppleChris malware (1)
AppleScript (1)
Aquatic Panda (1)
Arbiter (1)
Archer RAT (1)
AresLoader (1)
Argentina targeting (1)
ArguePatch (1)
Asylum Ambuscade (1)
AsyncRAT trojan (1)
Atomic Wallet (1)
Authentication (1)
Avanti (1)
Aviation (1)
AvosLocker (1)
AxBanker (1)
Axiom (1)
Azov (1)
BBTok (1)
BERT ransomware (1)
BH_A006 (1)
BITS (1)
BOINC (1)
BYOVD attack (1)
BabbleLoader (1)
Bad Magic (1)
BadAudio (1)
BadBazaar (1)
BadIIS (1)
BadSpace (1)
Banshee (1)
Baron Samedit (1)
Bash payload (1)
Baton Drop (1)
Baxtoy (1)
BazaLoader (1)
BazarBackdoor (1)
BazarLoader (1)
BeaverTail malware (1)
Betruger (1)
BiBi-Windows (1)
BianLian (1)
BitSloth (1)
BlackByte NT (1)
BlackLotus (1)
BlackMatter (1)
BloodAlchemy (1)
BlueNoroff (1)
BokBot (1)
Bootkit (1)
BoratRAT (1)
Botnet Mitigation (1)
BrainCipher (1)
BrainCypher (1)
Brokewell (1)
Browser Exfiltration (1)
Brute Ratel (1)
BugSleep (1)
BunnyLoader 3.0 (1)
Buxzop (1)
Bybit (1)
C language malware (1)
C# malware (1)
C-Joker (1)
C3RB3R (1)
CAPTCHA Campaign (1)
CI/CD compromise (1)
CIS (1)
CL-STA-1009 (1)
CMS (1)
COLDRIVER malware (1)
CVE-2017-7921 (1)
CVE-2021-21974 (1)
CVE-2021-33044 (1)
CVE-2021-3493 (1)
CVE-2021-4034 (1)
CVE-2022-21894 (1)
CVE-2022-26134 (1)
CVE-2022-30190 (1)
CVE-2022-31199 (1)
CVE-2022-47986 (1)
CVE-2023-1389 (1)
CVE-2023-2868 (1)
CVE-2023-36025 (1)
CVE-2023-46604 (1)
CVE-2024-21412 (1)
CVE-2024-3400 (1)
CVE-2024-7344 (1)
CVE-2025-0994 (1)
CVE-2025-21042 (1)
CVE-2025-3248 (1)
CVE-2025-49704 (1)
CVE-2025-49706 (1)
CVE-2025-53770 (1)
CVE-2025-53771 (1)
CVE-2025-55182 (1)
CVE-2026-21509 (1)
Cactus (1)
CanisterWorm (1)
Canopy (1)
Carderbee (1)
Caribbean undersea cable security (1)
CastleRAT (1)
CatB (1)
CatB99 (1)
Central Asia (1)
Cerber2021 (1)
CerberImposter (1)
ChaCha20 encryption (1)
Chaos (1)
Chaos RAT (1)
Charon ransomware (1)
Chemical (1)
China cyber espionage (1)
China-aligned APT (1)
Chinese Cyber Espionage (1)
Chinese nation-state actors (1)
Chinese threat actors (1)
Chocolatey (1)
Chollima (1)
ChromeKatz (1)
Cicada3301 (1)
Citrix NetScaler (1)
Cl0p ransomware (1)
ClawHavoc (1)
ClawHub poisoning (1)
ClickFix lure (1)
ClickFix social engineering (1)
Clipping & Switching (1)
Cloud Service Abuse (1)
Cloudflared persistence (1)
Cobalt Strike Beacon (1)
Cobalt Strike Linux (1)
CoffeeLoader (1)
ColdRiver (1)
ColdStealer (1)
Condi (1)
Conflict (1)
Confluence (1)
Construction (1)
Conti-Inspired (1)
CoralRaider (1)
Cosmic Leopard (1)
CosmicEnergy (1)
Covenant Grunt (1)
Coyote (1)
CozyDuke (1)
Cozycar (1)
Cring (1)
CryptBot (1)
Crypto Wallet (1)
Cryptocurrency Mining (1)
Cryware (1)
CsdiMonetize (1)
Cthulhu (1)
Cuba Ransomware (1)
Cuba SIGINT monitoring United States (1)
Cuba cyber capabilities (1)
Cuba electronic warfare capabilities (1)
Cuba intelligence hub Caribbean (1)
Cuba signals intelligence operations (1)
Cuckoo (1)
CurCore (1)
CurKeep (1)
CurLog (1)
CurLu (1)
Cuttlefish (1)
Cyber Regiment (1)
CyberAv3ngers (1)
Cybercriminals (1)
Cybersecurity Threat (1)
Cybersecurity Threats (1)
Cyberwar (1)
DCHSpy (1)
DDR technique (1)
DEPTHCHARGE (1)
DEV-0569 (1)
DEV-1084 (1)
DISGOMOJI (1)
DLL side-loading (1)
DNG exploit (1)
DNS (1)
DOPLUGS (1)
DPRK Cyber Threats (1)
DPRK hackers (1)
Daggerfly (1)
Dark Halo (1)
DarkAngels (1)
DarkGate (1)
DarkSide (1)
Data Destruction (1)
Data Leak (1)
Daxin (1)
DcRAT (1)
DeFi targeting (1)
Deadbolt (1)
Deadglyph (1)
DeerStealer (1)
Defense Vertical (1)
Denonia (1)
DevPopper (1)
DevSecOps security (1)
Diaoyu Loader (1)
DigitStealer (1)
Discord C2 (1)
Disruption (1)
DnsSystem (1)
Donut Loader (1)
Dora RAT (1)
Downloader.Bitser (1)
Downloader.Climax.A (1)
Downloader.Climax.B (1)
Downloader.INNO (1)
DragonEgg (1)
DragonRank (1)
Dropper (1)
Dropper-as-a-service (1)
Dtrack (1)
DukeEugene (1)
Dukes (1)
EDDIESTEALER (1)
ELF/Sshdinjector.A!tr (1)
ESXi Targeting (1)
ESXi attacks (1)
ESXi ransomware (1)
ESXiArgs (1)
EV certificate abuse cybersecurity (1)
EX-22 (1)
Earth Aughisky (1)
Earth Baxia (1)
Earth Longzhi (1)
Earth Lusca (1)
Earth Yako (1)
Ebury (1)
Electron Bot (1)
Electronic (1)
Electronic Quds Force (1)
Elibomi (1)
Email (1)
Emergency Services (1)
Emerging (1)
Emissary Panda (1)
Endpoint Security (1)
Enemybot (1)
Enterprise Targeting (1)
EtherRAT (1)
Event Services (1)
EventHorizon (1)
Everything.exe (1)
EvilAI malware (1)
Exfiltrator-22 (1)
ExobotCompact (1)
Exploit Kit (1)
FOXGLOVE (1)
FOXTROT (1)
FRUITSHELL (1)
Fabookie (1)
FakePOC (1)
FakeReward (1)
FakeUpdate injector (1)
FastCash (1)
Faust (1)
FickleStealer (1)
FileManager plugin (1)
Fin12 (1)
Fin8 (1)
Finance (1)
FireScam (1)
First Seen (1)
FlawedGrace (1)
Flodrix Botnet (1)
Follina (1)
FormatLoader (1)
FoxBlade (1)
FrigidStealer (1)
Fudmodule Malware (1)
FunkSec (1)
GCleaner (1)
GNSS spoofing (1)
GRAPELOADER (1)
GREF (1)
Gamaredon (1)
GateDoor (1)
Gaza Cyber Gang (1)
Geacon (1)
Gemini API abuse (1)
Gemini abuse (1)
Generic.ClipBanker (1)
Gh0st RAT (1)
Ghost (1)
Ghost Writer (1)
GhostLocker (1)
GhostSec (1)
GhostSpider (1)
GhostWriter (1)
GiftedCrook (1)
GitHub (1)
GitHub malware distribution (1)
Go (1)
Go-based botnet (1)
GoBear (1)
GoLang (1)
GodRAT (1)
Godfather (1)
Godfather Malware (1)
Golang ransomware (1)
GolangGhost (1)
GoldDragon (1)
Golden Chollima (1)
Golden Crypt (1)
Goldoson (1)
Gomir (1)
Google Calendar C2 (1)
Google Play Store (1)
Gorilla Botnet (1)
GorillaBot (1)
Gotta Fly campaign (1)
Government Cyberattack (1)
Gozi (1)
Graphican (1)
GravityAdmin (1)
GravityRAT (1)
GrubbyRAT (1)
Guam (1)
Gunra Group (1)
Gunra Ransomware (1)
GwisinLocker (1)
HOLODONUT backdoor (1)
HTTPSnoop (1)
HZ Rat (1)
Handala (1)
Harly (1)
HavanaCrypt (1)
HeavyLift (1)
HelimodProxy (1)
HelimodRedirect (1)
HelimodSteal (1)
HellDown (1)
HelloKitty successor (1)
HermeticRansom (1)
HermeticWizard (1)
Hexane (1)
HiatusRat (1)
Hook (1)
Hook banking trojan (1)
Hoplight Lineage (1)
Hospital (1)
Hunters International (1)
HybridPetya (1)
Hyperscrape (1)
IAB (1)
ICP malware (1)
IIS (1)
IP cameras (1)
IPTV masquerade (1)
IRGC (1)
IRGC electronic warfare capabilities (1)
IT (1)
IT Army of Ukraine (1)
IZ1H9 (1)
IcRA (1)
IcSpy (1)
IceFire (1)
Inc ransomware links (1)
Information Technology (1)
Insurance (1)
InvisibleFerret payload (1)
IoT botnet attack (1)
IoT vulnerabilities (1)
Iran APT (1)
Iran US Israel war 2026 (1)
Iran cyber retaliation (1)
Iran internet blackout (1)
Iranian APT (1)
Iranian APT groups (1)
Iranian cyberattacks (1)
Iranian electronic warfare (1)
Iranian malware (1)
Iron Tiger (1)
IsaacWiper (1)
Israeli defense (1)
JLORAT (1)
JXA malware (1)
Jester Stealer (1)
KSwapDoor backdoor (1)
KV-Botnet (1)
KandyKorn (1)
Kapeka (1)
Karkoff malware analysis (1)
Katana (1)
Keylogging (1)
Khepri C2 (1)
KibOrg (1)
Kimwolf botnet (1)
Kinsing (1)
KoSpy (1)
Konfety malware (1)
Korplug (1)
Kraken ransomware (1)
KrustyLoader (1)
Kubernetes security (1)
LDAPNightmare (1)
LLM misuse (1)
LNK Malware (1)
LNK Worm (1)
LOLBins exploitation (1)
LOSTKEYS (1)
LOTUSLITE backdoor (1)
Lambda (1)
Landfall spyware (1)
Langflow Vulnerability (1)
Laplas Clipper (1)
LaunchAgent persistence (1)
Lazarus APT (1)
Ledger Live tampering (1)
Legal Services (1)
LemurLoot (1)
LgoogLoader (1)
Lightning Framework (1)
Lilith (1)
Lilithcrypt (1)
Linen Typhoon (1)
Linux IoT security (1)
Linux Ransomware Variant (1)
Linux malware framework (1)
Linux rootkit (1)
Linux security (1)
Linux server security (1)
Liontail (1)
LitterDrifter (1)
Living off the land (1)
LoLbins (1)
LoTL (1)
LockBit Ransomware (1)
LockbitBlack (1)
LolZarus (1)
Lolip0p (1)
Lotus Blossom (1)
Lotus Panda (1)
Lua scripts (1)
Luca Stealer (1)
LuckDLL (1)
Lumma (1)
Lumma C2 (1)
LummaStealer infostealer (1)
LunarLoader (1)
LunarMail (1)
LunarWeb (1)
Lyceum (1)
Lynx (1)
MASEPIE (1)
MAYBEROBOT (1)
MDM Abuse (1)
MGM Grand (1)
MKDOOR backdoor (1)
MOSCII Corporation malware (1)
MS Office (1)
MSDT (1)
MaaS Malware, Mobile RAT (1)
MacStealer (1)
MachineKey theft (1)
Mallox (1)
Malware Propagation (1)
Mandibule (1)
Mandrake (1)
Manjusaka (1)
Mario Encryptor (1)
Maritime (1)
Mars stealer (1)
Massiv malware (1)
Master File Table (1)
Maui (1)
MediaProjection API (1)
Medical (1)
Meduza (1)
Megazord (1)
MemFun backdoor (1)
Memory Dumping (1)
Mercury (1)
MgBot (1)
MicroBackdoor (1)
Middle East cyber attacks (1)
Middle East cyber threats (1)
Mimic (1)
MiniBrowse (1)
MiniDoor (1)
MiniJunk (1)
Mint Sandstorm (1)
MintsLoader (1)
Mobile Banking Trojan (1)
Molerats (1)
Monero (1)
Monster (1)
Monti (1)
Moonlock cybersecurity (1)
MoonstoneSleet (1)
MortalKombat (1)
MrAgent Tool (1)
MuddyRot (1)
Multi-Thread Encryption (1)
MyKLoadClient (1)
Mythic Leopard (1)
NATO targets (1)
NFC relay attack (1)
NFSkate (1)
NGO (1)
NGOs (1)
NLB (1)
NOBELIUM (1)
NODEBOT (1)
NOROBOT (1)
Nation-State Actor (1)
Nectar (1)
NetSupport RAT (1)
New Features (1)
Next.js vulnerability (1)
Nexus (1)
Nightdoor (1)
Nim (1)
NimDoor (1)
Nimblemamba (1)
Nimbus Manticore (1)
Nitrogen (1)
Nodaria (1)
Node.js malware (1)
Nokoyawa (1)
North Africa (1)
North America (1)
North Korea Cryptocurrency Theft (1)
North Korea Cyberespionage (1)
North Korean cyber threats (1)
North Korean threat actors (1)
NotDoor (1)
NotLockBit (1)
NotPetya (1)
NullMixer (1)
OCEANMAP (1)
OT (1)
Octo (1)
Office Monkeys (1)
OilRig (1)
OilRig APT34 campaign (1)
Onyx Sleet (1)
OpenClaw malicious Skills (1)
Operation Celestial Force (1)
Operation DreamJob (1)
Operation Endgame (1)
Operation Epic Fury, (1)
Operation Lion’s Roar (1)
Operation MidnightEclipse (1)
Operation Neusploit (1)
Operation RoundPress (1)
Operations (1)
Osiris ransomware (1)
OtterCookie backdoor (1)
Outlook backdoor (1)
Overlay Attack (1)
Owlproxy (1)
PAM malware (1)
POC (1)
POISON (1)
PRC cyber espionage (1)
PROMPTFLUX (1)
PROMPTLOCK (1)
PROMPTSTEAL (1)
PS1Bot (1)
PXA Stealer (1)
Pandora (1)
Parallax (1)
ParallaxRat (1)
Partial Encryption (1)
Pastebin C2 (1)
PathWiper (1)
Payment Switch (1)
Peach Sandstorm (1)
PeckBirdy framework (1)
PennyWise (1)
Pentesting (1)
Perfectl (1)
Persian Gulf maritime security (1)
Petya (1)
Phoenix Backdoor (1)
PicassoLoader (1)
PipeSnoop (1)
Pistachio Tempest (1)
Pitty Panda (1)
PixyNetLoader (1)
Plug X (1)
PlugX (1)
PolySkill trojan (1)
PondRAT (1)
PoolRAT (1)
Poortry driver (1)
PowerShell Attack (1)
Preft (1)
Pressure Chollima (1)
Prestige (1)
PrivateLoader (1)
Product Update (1)
Professional Services (1)
PromptLock malware (1)
PromptSpy (1)
Prophet Spider (1)
Proxy (1)
Proxyjacking (1)
PseudoManuscrypt (1)
Pteranodon (1)
Pterodo (1)
PumaBot malware (1)
PupkinStealer (1)
PurpleFox (1)
PyPI (1)
PylangGhost (1)
Pymafka (1)
Python Malware (1)
Python stealer (1)
QUIETVAULT (1)
Qakbot (1)
Qilin ransomware (1)
Quantum (1)
QuietCanary (1)
RA World (1)
RMM tools (1)
RTLShare (1)
RUSTRIC (1)
RaaS (1)
Racealer (1)
Racoon (1)
Ransom Knight (1)
RansomHouse Ransomware (1)
Ransomware Analysis (1)
RapperBot (1)
Raspberry Robin (1)
RatMilad (1)
RatOn (1)
React RCE (1)
Real Estate (1)
Realst (1)
Reaper (1)
Reflective DLL Injection (1)
Remcos (1)
Remote Administration Tool (1)
Remote Code Execution (1)
ResolverRAT (1)
RevivalStone (1)
Roaming Mantis (1)
RokRAT (1)
Roopy (1)
Rorschach (1)
Roudan (1)
Russia APT (1)
Russian state-sponsored cyber threats (1)
Russian threat actors (1)
Russian-speaking Threat Actors (1)
Rust implant (1)
RustBucket (1)
RustDoor (1)
Rustdesk modification (1)
RustyStealer (1)
RustyWater (1)
S3 outage telemetry (1)
SELinux manipulation (1)
SEO manipulation (1)
SHADOW-EARTH-045 (1)
SHADOW-VOID-044 (1)
SILENTKILL (1)
SKIPJACK (1)
SMB (1)
SMB exploitation (1)
SMS handler abuse (1)
SMTP cracker (1)
SMUGX (1)
SNAPPYBEE (1)
SOHO routers (1)
SOVA (1)
SSH (1)
SSH brute-force malware (1)
SSH client attack (1)
SSH persistence (1)
STEELHOOK (1)
Sagerunex (1)
Samsung zero-day (1)
SantaStealer (1)
Sardonic (1)
Satacom (1)
Scarred Manticore (1)
Scattered Spider (1)
ScoringMathTea (1)
Scraper (1)
Secure Boot bypass (1)
SecuriDropper (1)
Security Awareness (1)
Serkdes (1)
Serpent (1)
SessionManager (1)
SgnitLoader (1)
Shadow Campaigns (1)
Shadow Pad (1)
ShadowGuard rootkit (1)
ShadowPad (1)
Shaoye (1)
SharePoint vulnerabilities (1)
Sharkbot (1)
Shikitega (1)
ShortLoader (1)
ShroudedSnooper (1)
Shuckworm (1)
Siamese Kitten (1)
SideWalk (1)
Silver (1)
SilverFox (1)
SiyBot (1)
SloughRAT (1)
SmallTiger (1)
SmokeLoader (1)
Snowlight dropper (1)
SocGholish (1)
SocGholish downloader (1)
Sodinokibi (1)
SolyxImmortal (1)
South Asia (1)
South Korea (1)
Southeast Asia (1)
Space Pirates (1)
SparkCat (1)
SparkKitty (1)
SparklingGoblin (1)
Special Report (1)
SpectralBlur (1)
Spellbinder (1)
Spica (1)
SplitLoader (1)
Sponsor (1)
SprySOCKS (1)
SpyPress (1)
Spyder Loader (1)
Stack Rumbling (1)
StarProxy (1)
Starlink spoofing (1)
StayinAlive (1)
StealCV2 (1)
Stealth Falcon (1)
StellarParticle (1)
StilachiRAT (1)
Stonefly (1)
Storm-2603 (1)
Stormous (1)
Strait of Hormuz navigation disruption (1)
StrelaStealer (1)
StylerServ (1)
Subscriber (1)
Sugar (1)
SunSeed (1)
Surtr (1)
Surveillance (1)
Sword2033 (1)
Symbiote (1)
SysJoker (1)
SysUpdate (1)
TA577 (1)
TA578 (1)
TAG-150 (1)
TEA encryption (1)
TGR-STA-1030 (1)
TOUGHPROGRESS malware (1)
Taidoor (1)
Taikite (1)
Taleret (1)
TargetCompany (1)
TeamPCP (1)
Telegram phishing (1)
Telemiris (1)
Termius trojan (1)
TerraLogger (1)
TerraStealerV2 (1)
TetraLoader (1)
TgToxic (1)
TheWizards (1)
Threat Actor Profile (1)
ThreatFabric (1)
TigerRAT (1)
ToddyCat (1)
Tomiris (1)
ToneShell (1)
ToolShell (1)
ToxicPanda (1)
TraderTraitor (1)
Trend Micro (1)
Triada (1)
Trigonia (1)
Trinity (1)
Trojan malware (1)
Troll Stealer (1)
Truebot (1)
TunnusSched (1)
Twelve-Day War 2025 (1)
UAC-0097 (1)
UAC-0098 (1)
UAE (1)
UAT-6382 (1)
UDP backdoor (1)
UDPGangster (1)
UEFI (1)
UEFI bootkit (1)
UNC1069 (1)
UNC1151 (1)
UNC2452 (1)
UNC4841 (1)
UNC5221 (1)
UPSTYLE (1)
US critical infrastructure (1)
US government targeting (1)
US healthcare cybersecurity (1)
US–Cuba cyber security risks (1)
Ukraine Cyberattack (1)
United States (1)
Ursnif (1)
Utilities (1)
VBA macro (1)
VMware hypervisor (1)
VMware virtualization (1)
VNC malwar (1)
VPN phishing (1)
VShell backdoor (1)
VShell malware (1)
VajraSpy (1)
ValleyRAT (1)
VanHelsing (1)
Various (1)
Velvet Chollima (1)
Venom Spider (1)
Viasat (1)
Vice Society (1)
Vidar (1)
Vietnam (1)
Violet Typhoon (1)
Vixen Panda (1)
VoidLink malware (1)
Voldemort (1)
W4SP (1)
Wacatac (1)
WarHawk (1)
WarmCookie (1)
Wasabi exfiltration (1)
Web3 (1)
WhiteSnake (1)
Windows 11 (1)
WizardNet (1)
Woody RAT (1)
Wroba.o (1)
WyrmSpy (1)
XOR encryption (1)
XOR obfuscation (1)
XWorm (1)
Xamalicious (1)
Xorist (1)
YESROBOT (1)
YTTRIUM (1)
Ymir (1)
YouTube (1)
YouieLoad (1)
ZataNile (1)
ZeuS (1)
Zig programming language (1)
Zimbra (1)
Zloader (1)
Zoom phishing (1)
ZuRu malware (1)
Zupdax (1)
ad fraud operations (1)
adaptive stealth (1)
anti-EDR (1)
anti-VM checks (1)
anti-detection services (1)
automated transfer system (1)
aviation industry threats (1)
backdoor threat (1)
banking app hijacking (1)
brc4 (1)
cloud infrastructure security (1)
cloud resilience (1)
cloud-native malware (1)
command injection (1)
command-and-control (1)
container escape (1)
container security (1)
credential harvesting (1)
critical infrastructure warfare (1)
crylock (1)
cryptocurrency app attacks (1)
cryptocurrency mining botnet (1)
cryptocurrency wallet takeover (1)
cryptocurrency wallet theft (1)
custom C++ implant (1)
cyber warfare Iran APT groups (1)
cybersecurity defense (1)
data encryption (1)
decentralized C2 (1)
deepfake (1)
defense manufacturing (1)
developer security (1)
dynamic code loading (1)
dynamic obfuscation (1)
eBPF backdoor (1)
email exfiltration (1)
email stealer (1)
encryption (1)
encryption evolution (1)
espionage campaign (1)
evolving (1)
fake NFC overlay (1)
file encryption (1)
fileless malware (1)
financial fraud (1)
financial malware (1)
financial sector threats (1)
generative AI (1)
geopolitical lure (1)
global reconnaissance (1)
government targeting (1)
healthcare data breaches (1)
healthcare operational disruptions (1)
healthcare ransomware attacks (1)
hidden APK components (1)
high-value target attacks (1)
hospital cyber threats (1)
hybrid warfare (1)
hybrid warfare Iran cyber strategy (1)
iOS malware (1)
in-memory execution (1)
infostealer payloads (1)
initial access broker (1)
ios (1)
macOS backdoor (1)
macOS infostealer (1)
macOS security bypass (1)
malicious filename (1)
malvertising (1)
malware campaign (1)
malware infection chain (1)
malware infrastructure (1)
malware loader (1)
malware persistence (1)
maritime GPS spoofing (1)
military targeting (1)
mobile banking (1)
mobile banking fraud (1)
mobile espionage (1)
mobile malware (1)
mobile security analysis (1)
mobile security threats (1)
multi-factor authentication (1)
network intelligence (1)
new ransomware family (1)
npm malware (1)
on-device virtualization (1)
on-premises exploitation (1)
password stealer (1)
patient data theft (1)
persistence module (1)
persistence technique (1)
persistent access (1)
phishing overlay (1)
photo exfiltration (1)
post-exploitation activity (1)
post-exploitation framework (1)
process injection (1)
proof of concept (1)
public sector malware (1)
ransomware 2025 (1)
ransomware defense (1)
ransomware groups 2025 (1)
ransomware healthcare 2025 (1)
ransomware overlay (1)
ransomware trends (1)
ransomware upgrade (1)
remote access backdoor (1)
remote control Android (1)
rootkit (1)
runtime injection (1)
screen recording malware (1)
screenshot capture (1)
secondary DEX files (1)
shellcode injector (1)
social engineering attacks (1)
software supply chain attack (1)
southern Europe threats (1)
spyware distribution (1)
state-aligned threat (1)
state-sponsored AI (1)
stealthy authentication bypass (1)
steganography (1)
stolen code signing certificate malware (1)
story of the year (1)
strategic web compromise (1)
supply chain compromise (1)
supply chain cyber attack Thailand (1)
targeting (1)
token harvesting malware (1)
trends (1)
watering hole attacks (1)
web shell deployment (1)
x86 (1)
xls (1)
zero-day exploits (1)

see all

Posts by Topic

Threat Bulletin (385)
Ransomware (83)
Linux (34)
Android (33)
Emerging Threat (31)
China (29)
PolySwarm (29)
Russia (29)
Backdoor (26)
Espionage (25)
Evolving Threat (24)
Ukraine (24)
Product (23)
Government (22)
Infostealer (21)
Critical Infrastructure (20)
Stealer (20)
North Korea (18)
Windows (17)
MacOS (16)
RAT (16)
Energy (15)
Healthcare (15)
Malware (15)
Mobile (15)
Partner (15)
Cryptocurrency (14)
Explained (14)
Financial (14)
Trojan (14)
Loader (11)
LockBit (11)
Research (11)
ALPHV (10)
Iran (10)
Middle East (10)
Banking Trojan (9)
Blockchain (9)
Telecommunications (9)
APT (8)
Android Malware (8)
Asia (8)
Banker (8)
Banking (8)
Engine (8)
Spyware (8)
2022 Recap (7)
APAC (7)
Botnet (7)
Data Exfiltration (6)
Media (6)
TTPs (6)
Wiper (6)
2024 (5)
Charming Kitten (5)
Cl0p (5)
DDoS (5)
Europe (5)
Fancy Bear (5)
India (5)
Insider (5)
Mac (5)
Phishing (5)
Press (5)
Rhysida (5)
Spear Phishing (5)
credential theft (5)
cyber espionage (5)
2023 Recap (4)
BlackCat (4)
Cobalt Strike (4)
Cryptocurrency Theft (4)
DLL sideloading (4)
Data Theft (4)
INC (4)
IcedID (4)
Linux Malware (4)
Lockbit 3.0 (4)
Malware-As-A-Service (4)
Manufacturing (4)
Mirai (4)
Primitive Bear (4)
Royal (4)
Static Kitten (4)
Technology (4)
Threat Hunting (4)
Wicked Panda (4)
Windows Malware (4)
Winnti (4)
overlay attacks (4)
social engineering (4)
2023 (3)
APT41 (3)
Aerospace (3)
Akira Ransomware (3)
Android banking trojan (3)
BPFDoor (3)
Babuk (3)
Black Basta (3)
BlackSuit (3)
Bumblebee (3)
Cerber (3)
Conti (3)
Cozy Bear (3)
Cryptominer (3)
Cybercrime (3)
Defense (3)
ESXi (3)
Education (3)
Evasive Panda (3)
Events (3)
Extortion (3)
Gaza (3)
Hacktivism (3)
Hive (3)
ICS (3)
Interview (3)
Israel (3)
Lazarus (3)
Leadership (3)
MENA (3)
MOVEit (3)
MacOS malware (3)
Malware Analysis (3)
Military (3)
Muddy Water (3)
MuddyWater (3)
Mustang Panda (3)
Pakistan (3)
Palestine (3)
Phishing Campaigns (3)
PowerShell (3)
Python (3)
RansomHub (3)
Recap (3)
Red Menshen (3)
RedLine Stealer (3)
Remote Access Trojan (3)
SpyNote (3)
StealC (3)
Volt Typhoon (3)
VooDoo Bear (3)
accessibility service abuse (3)
double extortion (3)
information stealer (3)
2FA (2)
AES-256-CBC encryption (2)
APT35 (2)
APT36 (2)
Accessibility Services abuse (2)
AcidRain (2)
Akira (2)
Anatsa (2)
Android Overlay Attacks (2)
Android Spyware (2)
Apple (2)
Armageddon (2)
AsyncRAT (2)
Atomic macOS Stealer (2)
Belarus (2)
BiBi-Linux (2)
Bitter APT (2)
BlackBasta (2)
BlackByte (2)
Brunhilda (2)
BunnyLoader (2)
C2 framework (2)
CAPTCHA (2)
CVE-2023-22518 (2)
CVE-2023-34362 (2)
CVE-2024-40766 (2)
CaddyWiper (2)
Cadet Blizzard (2)
CapraRAT (2)
CastleLoader (2)
ClayRAT (2)
ClickFix (2)
Crocodilus (2)
Cross-Platform Ransomware (2)
Cuba (2)
Cyber Warfare (2)
Cybersecurity (2)
DDoS Attacks (2)
DanaBot (2)
Deed RAT (2)
Disbuk (2)
Discord (2)
Downloader (2)
DragonForce (2)
DroxiDat (2)
Emotet (2)
Ermac (2)
Famous Chollima (2)
Gallium (2)
Gameredon (2)
Gaming (2)
Hamas (2)
HermeticWiper (2)
IRGC cyber operations (2)
Industroyer2 (2)
IoT (2)
Killnet (2)
Kimsuky (2)
Knight (2)
Kopiluwak (2)
LNK (2)
Labyrinth Chollima (2)
Latin America (2)
Latrodectus (2)
Lazarus Group (2)
Linux backdoor (2)
LummaC2 (2)
MOIS (2)
MaaS (2)
Medusa (2)
Microsoft (2)
Middle East targeting (2)
Mobile Security (2)
NCT (2)
Nuclear (2)
ONG (2)
Oil & Gas (2)
Phishing Attacks (2)
Phishing Campaign (2)
Phobos (2)
PingPull (2)
Play (2)
Poland (2)
PowerShell malware (2)
Predictions (2)
QNAP (2)
Qbot (2)
REvil (2)
Ransomware Campaign (2)
RedStinger (2)
Redline (2)
Remcos RAT (2)
Rhadamanthys (2)
Ricochet Chollima (2)
Rust (2)
Rust Malware (2)
SSL VPN (2)
Salt Typhoon (2)
Sandworm (2)
Security (2)
Sidewinder (2)
Silent Chollima (2)
SonicWall VPN (2)
Speaking (2)
Star Blizzard (2)
Stardust Chollima (2)
Supply Chain Attack (2)
SystemBC (2)
Threat Bounty (2)
Threat Landscape (2)
Transportation (2)
Turla (2)
US (2)
VBA macros (2)
Venomous Bear (2)
Voodoobear (2)
Vultur (2)
WhisperGate (2)
Wiper Malware (2)
Xloader (2)
YoroTrooper (2)
anti-analysis techniques (2)
credential stealers (2)
cryptocurrency stealers (2)
device takeover (2)
framework (2)
keylogger (2)
lockscreen bypass (2)
macOS security (2)
malware obfuscation (2)
mobile threat evolution (2)
on-device fraud (2)
.NET DNS Backdoor (1)
.NET Malware (1)
2024 Recap (1)
2025 malware trends (1)
64-bit (1)
8base (1)
AHKBOT (1)
AI Server Security (1)
AI agent supply chain attack (1)
AI cybersecurity threats (1)
AI-enabled malware (1)
AI-generated malware (1)
AI-generated trojans (1)
AI-powered ransomware (1)
AIRASHI (1)
AIS manipulation (1)
AMOS info stealer (1)
AMOS malware (1)
API Hashing (1)
APK (1)
APT 38 (1)
APT 45 (1)
APT techniques (1)
APT24 (1)
APT27 (1)
APT28 (1)
APT29 (1)
APT33 (1)
APT37 (1)
APT42 (1)
AWS (1)
AWS EC2 outage (1)
AWS data center attack (1)
AWS outage Middle East (1)
AXLocker (1)
AcidPour (1)
AdaptixC2 (1)
Administrative Console (1)
Adware (1)
Agenda Ransomware (1)
AhMyth (1)
AhRAT (1)
AirWatch API (1)
Airstalk Malware (1)
Aisuru variant (1)
Ajina (1)
Albiriox (1)
Amadey (1)
Andariel (1)
Android Security (1)
Android evasion techniques (1)
Android surveillanceware (1)
Andromeda (1)
Androxgh0st (1)
App Store (1)
Apple Silicon evasion (1)
AppleChris malware (1)
AppleScript (1)
Aquatic Panda (1)
Arbiter (1)
Archer RAT (1)
AresLoader (1)
Argentina targeting (1)
ArguePatch (1)
Asylum Ambuscade (1)
AsyncRAT trojan (1)
Atomic Wallet (1)
Authentication (1)
Avanti (1)
Aviation (1)
AvosLocker (1)
AxBanker (1)
Axiom (1)
Azov (1)
BBTok (1)
BERT ransomware (1)
BH_A006 (1)
BITS (1)
BOINC (1)
BYOVD attack (1)
BabbleLoader (1)
Bad Magic (1)
BadAudio (1)
BadBazaar (1)
BadIIS (1)
BadSpace (1)
Banshee (1)
Baron Samedit (1)
Bash payload (1)
Baton Drop (1)
Baxtoy (1)
BazaLoader (1)
BazarBackdoor (1)
BazarLoader (1)
BeaverTail malware (1)
Betruger (1)
BiBi-Windows (1)
BianLian (1)
BitSloth (1)
BlackByte NT (1)
BlackLotus (1)
BlackMatter (1)
BloodAlchemy (1)
BlueNoroff (1)
BokBot (1)
Bootkit (1)
BoratRAT (1)
Botnet Mitigation (1)
BrainCipher (1)
BrainCypher (1)
Brokewell (1)
Browser Exfiltration (1)
Brute Ratel (1)
BugSleep (1)
BunnyLoader 3.0 (1)
Buxzop (1)
Bybit (1)
C language malware (1)
C# malware (1)
C-Joker (1)
C3RB3R (1)
CAPTCHA Campaign (1)
CI/CD compromise (1)
CIS (1)
CL-STA-1009 (1)
CMS (1)
COLDRIVER malware (1)
CVE-2017-7921 (1)
CVE-2021-21974 (1)
CVE-2021-33044 (1)
CVE-2021-3493 (1)
CVE-2021-4034 (1)
CVE-2022-21894 (1)
CVE-2022-26134 (1)
CVE-2022-30190 (1)
CVE-2022-31199 (1)
CVE-2022-47986 (1)
CVE-2023-1389 (1)
CVE-2023-2868 (1)
CVE-2023-36025 (1)
CVE-2023-46604 (1)
CVE-2024-21412 (1)
CVE-2024-3400 (1)
CVE-2024-7344 (1)
CVE-2025-0994 (1)
CVE-2025-21042 (1)
CVE-2025-3248 (1)
CVE-2025-49704 (1)
CVE-2025-49706 (1)
CVE-2025-53770 (1)
CVE-2025-53771 (1)
CVE-2025-55182 (1)
CVE-2026-21509 (1)
Cactus (1)
CanisterWorm (1)
Canopy (1)
Carderbee (1)
Caribbean undersea cable security (1)
CastleRAT (1)
CatB (1)
CatB99 (1)
Central Asia (1)
Cerber2021 (1)
CerberImposter (1)
ChaCha20 encryption (1)
Chaos (1)
Chaos RAT (1)
Charon ransomware (1)
Chemical (1)
China cyber espionage (1)
China-aligned APT (1)
Chinese Cyber Espionage (1)
Chinese nation-state actors (1)
Chinese threat actors (1)
Chocolatey (1)
Chollima (1)
ChromeKatz (1)
Cicada3301 (1)
Citrix NetScaler (1)
Cl0p ransomware (1)
ClawHavoc (1)
ClawHub poisoning (1)
ClickFix lure (1)
ClickFix social engineering (1)
Clipping & Switching (1)
Cloud Service Abuse (1)
Cloudflared persistence (1)
Cobalt Strike Beacon (1)
Cobalt Strike Linux (1)
CoffeeLoader (1)
ColdRiver (1)
ColdStealer (1)
Condi (1)
Conflict (1)
Confluence (1)
Construction (1)
Conti-Inspired (1)
CoralRaider (1)
Cosmic Leopard (1)
CosmicEnergy (1)
Covenant Grunt (1)
Coyote (1)
CozyDuke (1)
Cozycar (1)
Cring (1)
CryptBot (1)
Crypto Wallet (1)
Cryptocurrency Mining (1)
Cryware (1)
CsdiMonetize (1)
Cthulhu (1)
Cuba Ransomware (1)
Cuba SIGINT monitoring United States (1)
Cuba cyber capabilities (1)
Cuba electronic warfare capabilities (1)
Cuba intelligence hub Caribbean (1)
Cuba signals intelligence operations (1)
Cuckoo (1)
CurCore (1)
CurKeep (1)
CurLog (1)
CurLu (1)
Cuttlefish (1)
Cyber Regiment (1)
CyberAv3ngers (1)
Cybercriminals (1)
Cybersecurity Threat (1)
Cybersecurity Threats (1)
Cyberwar (1)
DCHSpy (1)
DDR technique (1)
DEPTHCHARGE (1)
DEV-0569 (1)
DEV-1084 (1)
DISGOMOJI (1)
DLL side-loading (1)
DNG exploit (1)
DNS (1)
DOPLUGS (1)
DPRK Cyber Threats (1)
DPRK hackers (1)
Daggerfly (1)
Dark Halo (1)
DarkAngels (1)
DarkGate (1)
DarkSide (1)
Data Destruction (1)
Data Leak (1)
Daxin (1)
DcRAT (1)
DeFi targeting (1)
Deadbolt (1)
Deadglyph (1)
DeerStealer (1)
Defense Vertical (1)
Denonia (1)
DevPopper (1)
DevSecOps security (1)
Diaoyu Loader (1)
DigitStealer (1)
Discord C2 (1)
Disruption (1)
DnsSystem (1)
Donut Loader (1)
Dora RAT (1)
Downloader.Bitser (1)
Downloader.Climax.A (1)
Downloader.Climax.B (1)
Downloader.INNO (1)
DragonEgg (1)
DragonRank (1)
Dropper (1)
Dropper-as-a-service (1)
Dtrack (1)
DukeEugene (1)
Dukes (1)
EDDIESTEALER (1)
ELF/Sshdinjector.A!tr (1)
ESXi Targeting (1)
ESXi attacks (1)
ESXi ransomware (1)
ESXiArgs (1)
EV certificate abuse cybersecurity (1)
EX-22 (1)
Earth Aughisky (1)
Earth Baxia (1)
Earth Longzhi (1)
Earth Lusca (1)
Earth Yako (1)
Ebury (1)
Electron Bot (1)
Electronic (1)
Electronic Quds Force (1)
Elibomi (1)
Email (1)
Emergency Services (1)
Emerging (1)
Emissary Panda (1)
Endpoint Security (1)
Enemybot (1)
Enterprise Targeting (1)
EtherRAT (1)
Event Services (1)
EventHorizon (1)
Everything.exe (1)
EvilAI malware (1)
Exfiltrator-22 (1)
ExobotCompact (1)
Exploit Kit (1)
FOXGLOVE (1)
FOXTROT (1)
FRUITSHELL (1)
Fabookie (1)
FakePOC (1)
FakeReward (1)
FakeUpdate injector (1)
FastCash (1)
Faust (1)
FickleStealer (1)
FileManager plugin (1)
Fin12 (1)
Fin8 (1)
Finance (1)
FireScam (1)
First Seen (1)
FlawedGrace (1)
Flodrix Botnet (1)
Follina (1)
FormatLoader (1)
FoxBlade (1)
FrigidStealer (1)
Fudmodule Malware (1)
FunkSec (1)
GCleaner (1)
GNSS spoofing (1)
GRAPELOADER (1)
GREF (1)
Gamaredon (1)
GateDoor (1)
Gaza Cyber Gang (1)
Geacon (1)
Gemini API abuse (1)
Gemini abuse (1)
Generic.ClipBanker (1)
Gh0st RAT (1)
Ghost (1)
Ghost Writer (1)
GhostLocker (1)
GhostSec (1)
GhostSpider (1)
GhostWriter (1)
GiftedCrook (1)
GitHub (1)
GitHub malware distribution (1)
Go (1)
Go-based botnet (1)
GoBear (1)
GoLang (1)
GodRAT (1)
Godfather (1)
Godfather Malware (1)
Golang ransomware (1)
GolangGhost (1)
GoldDragon (1)
Golden Chollima (1)
Golden Crypt (1)
Goldoson (1)
Gomir (1)
Google Calendar C2 (1)
Google Play Store (1)
Gorilla Botnet (1)
GorillaBot (1)
Gotta Fly campaign (1)
Government Cyberattack (1)
Gozi (1)
Graphican (1)
GravityAdmin (1)
GravityRAT (1)
GrubbyRAT (1)
Guam (1)
Gunra Group (1)
Gunra Ransomware (1)
GwisinLocker (1)
HOLODONUT backdoor (1)
HTTPSnoop (1)
HZ Rat (1)
Handala (1)
Harly (1)
HavanaCrypt (1)
HeavyLift (1)
HelimodProxy (1)
HelimodRedirect (1)
HelimodSteal (1)
HellDown (1)
HelloKitty successor (1)
HermeticRansom (1)
HermeticWizard (1)
Hexane (1)
HiatusRat (1)
Hook (1)
Hook banking trojan (1)
Hoplight Lineage (1)
Hospital (1)
Hunters International (1)
HybridPetya (1)
Hyperscrape (1)
IAB (1)
ICP malware (1)
IIS (1)
IP cameras (1)
IPTV masquerade (1)
IRGC (1)
IRGC electronic warfare capabilities (1)
IT (1)
IT Army of Ukraine (1)
IZ1H9 (1)
IcRA (1)
IcSpy (1)
IceFire (1)
Inc ransomware links (1)
Information Technology (1)
Insurance (1)
InvisibleFerret payload (1)
IoT botnet attack (1)
IoT vulnerabilities (1)
Iran APT (1)
Iran US Israel war 2026 (1)
Iran cyber retaliation (1)
Iran internet blackout (1)
Iranian APT (1)
Iranian APT groups (1)
Iranian cyberattacks (1)
Iranian electronic warfare (1)
Iranian malware (1)
Iron Tiger (1)
IsaacWiper (1)
Israeli defense (1)
JLORAT (1)
JXA malware (1)
Jester Stealer (1)
KSwapDoor backdoor (1)
KV-Botnet (1)
KandyKorn (1)
Kapeka (1)
Karkoff malware analysis (1)
Katana (1)
Keylogging (1)
Khepri C2 (1)
KibOrg (1)
Kimwolf botnet (1)
Kinsing (1)
KoSpy (1)
Konfety malware (1)
Korplug (1)
Kraken ransomware (1)
KrustyLoader (1)
Kubernetes security (1)
LDAPNightmare (1)
LLM misuse (1)
LNK Malware (1)
LNK Worm (1)
LOLBins exploitation (1)
LOSTKEYS (1)
LOTUSLITE backdoor (1)
Lambda (1)
Landfall spyware (1)
Langflow Vulnerability (1)
Laplas Clipper (1)
LaunchAgent persistence (1)
Lazarus APT (1)
Ledger Live tampering (1)
Legal Services (1)
LemurLoot (1)
LgoogLoader (1)
Lightning Framework (1)
Lilith (1)
Lilithcrypt (1)
Linen Typhoon (1)
Linux IoT security (1)
Linux Ransomware Variant (1)
Linux malware framework (1)
Linux rootkit (1)
Linux security (1)
Linux server security (1)
Liontail (1)
LitterDrifter (1)
Living off the land (1)
LoLbins (1)
LoTL (1)
LockBit Ransomware (1)
LockbitBlack (1)
LolZarus (1)
Lolip0p (1)
Lotus Blossom (1)
Lotus Panda (1)
Lua scripts (1)
Luca Stealer (1)
LuckDLL (1)
Lumma (1)
Lumma C2 (1)
LummaStealer infostealer (1)
LunarLoader (1)
LunarMail (1)
LunarWeb (1)
Lyceum (1)
Lynx (1)
MASEPIE (1)
MAYBEROBOT (1)
MDM Abuse (1)
MGM Grand (1)
MKDOOR backdoor (1)
MOSCII Corporation malware (1)
MS Office (1)
MSDT (1)
MaaS Malware, Mobile RAT (1)
MacStealer (1)
MachineKey theft (1)
Mallox (1)
Malware Propagation (1)
Mandibule (1)
Mandrake (1)
Manjusaka (1)
Mario Encryptor (1)
Maritime (1)
Mars stealer (1)
Massiv malware (1)
Master File Table (1)
Maui (1)
MediaProjection API (1)
Medical (1)
Meduza (1)
Megazord (1)
MemFun backdoor (1)
Memory Dumping (1)
Mercury (1)
MgBot (1)
MicroBackdoor (1)
Middle East cyber attacks (1)
Middle East cyber threats (1)
Mimic (1)
MiniBrowse (1)
MiniDoor (1)
MiniJunk (1)
Mint Sandstorm (1)
MintsLoader (1)
Mobile Banking Trojan (1)
Molerats (1)
Monero (1)
Monster (1)
Monti (1)
Moonlock cybersecurity (1)
MoonstoneSleet (1)
MortalKombat (1)
MrAgent Tool (1)
MuddyRot (1)
Multi-Thread Encryption (1)
MyKLoadClient (1)
Mythic Leopard (1)
NATO targets (1)
NFC relay attack (1)
NFSkate (1)
NGO (1)
NGOs (1)
NLB (1)
NOBELIUM (1)
NODEBOT (1)
NOROBOT (1)
Nation-State Actor (1)
Nectar (1)
NetSupport RAT (1)
New Features (1)
Next.js vulnerability (1)
Nexus (1)
Nightdoor (1)
Nim (1)
NimDoor (1)
Nimblemamba (1)
Nimbus Manticore (1)
Nitrogen (1)
Nodaria (1)
Node.js malware (1)
Nokoyawa (1)
North Africa (1)
North America (1)
North Korea Cryptocurrency Theft (1)
North Korea Cyberespionage (1)
North Korean cyber threats (1)
North Korean threat actors (1)
NotDoor (1)
NotLockBit (1)
NotPetya (1)
NullMixer (1)
OCEANMAP (1)
OT (1)
Octo (1)
Office Monkeys (1)
OilRig (1)
OilRig APT34 campaign (1)
Onyx Sleet (1)
OpenClaw malicious Skills (1)
Operation Celestial Force (1)
Operation DreamJob (1)
Operation Endgame (1)
Operation Epic Fury, (1)
Operation Lion’s Roar (1)
Operation MidnightEclipse (1)
Operation Neusploit (1)
Operation RoundPress (1)
Operations (1)
Osiris ransomware (1)
OtterCookie backdoor (1)
Outlook backdoor (1)
Overlay Attack (1)
Owlproxy (1)
PAM malware (1)
POC (1)
POISON (1)
PRC cyber espionage (1)
PROMPTFLUX (1)
PROMPTLOCK (1)
PROMPTSTEAL (1)
PS1Bot (1)
PXA Stealer (1)
Pandora (1)
Parallax (1)
ParallaxRat (1)
Partial Encryption (1)
Pastebin C2 (1)
PathWiper (1)
Payment Switch (1)
Peach Sandstorm (1)
PeckBirdy framework (1)
PennyWise (1)
Pentesting (1)
Perfectl (1)
Persian Gulf maritime security (1)
Petya (1)
Phoenix Backdoor (1)
PicassoLoader (1)
PipeSnoop (1)
Pistachio Tempest (1)
Pitty Panda (1)
PixyNetLoader (1)
Plug X (1)
PlugX (1)
PolySkill trojan (1)
PondRAT (1)
PoolRAT (1)
Poortry driver (1)
PowerShell Attack (1)
Preft (1)
Pressure Chollima (1)
Prestige (1)
PrivateLoader (1)
Product Update (1)
Professional Services (1)
PromptLock malware (1)
PromptSpy (1)
Prophet Spider (1)
Proxy (1)
Proxyjacking (1)
PseudoManuscrypt (1)
Pteranodon (1)
Pterodo (1)
PumaBot malware (1)
PupkinStealer (1)
PurpleFox (1)
PyPI (1)
PylangGhost (1)
Pymafka (1)
Python Malware (1)
Python stealer (1)
QUIETVAULT (1)
Qakbot (1)
Qilin ransomware (1)
Quantum (1)
QuietCanary (1)
RA World (1)
RMM tools (1)
RTLShare (1)
RUSTRIC (1)
RaaS (1)
Racealer (1)
Racoon (1)
Ransom Knight (1)
RansomHouse Ransomware (1)
Ransomware Analysis (1)
RapperBot (1)
Raspberry Robin (1)
RatMilad (1)
RatOn (1)
React RCE (1)
Real Estate (1)
Realst (1)
Reaper (1)
Reflective DLL Injection (1)
Remcos (1)
Remote Administration Tool (1)
Remote Code Execution (1)
ResolverRAT (1)
RevivalStone (1)
Roaming Mantis (1)
RokRAT (1)
Roopy (1)
Rorschach (1)
Roudan (1)
Russia APT (1)
Russian state-sponsored cyber threats (1)
Russian threat actors (1)
Russian-speaking Threat Actors (1)
Rust implant (1)
RustBucket (1)
RustDoor (1)
Rustdesk modification (1)
RustyStealer (1)
RustyWater (1)
S3 outage telemetry (1)
SELinux manipulation (1)
SEO manipulation (1)
SHADOW-EARTH-045 (1)
SHADOW-VOID-044 (1)
SILENTKILL (1)
SKIPJACK (1)
SMB (1)
SMB exploitation (1)
SMS handler abuse (1)
SMTP cracker (1)
SMUGX (1)
SNAPPYBEE (1)
SOHO routers (1)
SOVA (1)
SSH (1)
SSH brute-force malware (1)
SSH client attack (1)
SSH persistence (1)
STEELHOOK (1)
Sagerunex (1)
Samsung zero-day (1)
SantaStealer (1)
Sardonic (1)
Satacom (1)
Scarred Manticore (1)
Scattered Spider (1)
ScoringMathTea (1)
Scraper (1)
Secure Boot bypass (1)
SecuriDropper (1)
Security Awareness (1)
Serkdes (1)
Serpent (1)
SessionManager (1)
SgnitLoader (1)
Shadow Campaigns (1)
Shadow Pad (1)
ShadowGuard rootkit (1)
ShadowPad (1)
Shaoye (1)
SharePoint vulnerabilities (1)
Sharkbot (1)
Shikitega (1)
ShortLoader (1)
ShroudedSnooper (1)
Shuckworm (1)
Siamese Kitten (1)
SideWalk (1)
Silver (1)
SilverFox (1)
SiyBot (1)
SloughRAT (1)
SmallTiger (1)
SmokeLoader (1)
Snowlight dropper (1)
SocGholish (1)
SocGholish downloader (1)
Sodinokibi (1)
SolyxImmortal (1)
South Asia (1)
South Korea (1)
Southeast Asia (1)
Space Pirates (1)
SparkCat (1)
SparkKitty (1)
SparklingGoblin (1)
Special Report (1)
SpectralBlur (1)
Spellbinder (1)
Spica (1)
SplitLoader (1)
Sponsor (1)
SprySOCKS (1)
SpyPress (1)
Spyder Loader (1)
Stack Rumbling (1)
StarProxy (1)
Starlink spoofing (1)
StayinAlive (1)
StealCV2 (1)
Stealth Falcon (1)
StellarParticle (1)
StilachiRAT (1)
Stonefly (1)
Storm-2603 (1)
Stormous (1)
Strait of Hormuz navigation disruption (1)
StrelaStealer (1)
StylerServ (1)
Subscriber (1)
Sugar (1)
SunSeed (1)
Surtr (1)
Surveillance (1)
Sword2033 (1)
Symbiote (1)
SysJoker (1)
SysUpdate (1)
TA577 (1)
TA578 (1)
TAG-150 (1)
TEA encryption (1)
TGR-STA-1030 (1)
TOUGHPROGRESS malware (1)
Taidoor (1)
Taikite (1)
Taleret (1)
TargetCompany (1)
TeamPCP (1)
Telegram phishing (1)
Telemiris (1)
Termius trojan (1)
TerraLogger (1)
TerraStealerV2 (1)
TetraLoader (1)
TgToxic (1)
TheWizards (1)
Threat Actor Profile (1)
ThreatFabric (1)
TigerRAT (1)
ToddyCat (1)
Tomiris (1)
ToneShell (1)
ToolShell (1)
ToxicPanda (1)
TraderTraitor (1)
Trend Micro (1)
Triada (1)
Trigonia (1)
Trinity (1)
Trojan malware (1)
Troll Stealer (1)
Truebot (1)
TunnusSched (1)
Twelve-Day War 2025 (1)
UAC-0097 (1)
UAC-0098 (1)
UAE (1)
UAT-6382 (1)
UDP backdoor (1)
UDPGangster (1)
UEFI (1)
UEFI bootkit (1)
UNC1069 (1)
UNC1151 (1)
UNC2452 (1)
UNC4841 (1)
UNC5221 (1)
UPSTYLE (1)
US critical infrastructure (1)
US government targeting (1)
US healthcare cybersecurity (1)
US–Cuba cyber security risks (1)
Ukraine Cyberattack (1)
United States (1)
Ursnif (1)
Utilities (1)
VBA macro (1)
VMware hypervisor (1)
VMware virtualization (1)
VNC malwar (1)
VPN phishing (1)
VShell backdoor (1)
VShell malware (1)
VajraSpy (1)
ValleyRAT (1)
VanHelsing (1)
Various (1)
Velvet Chollima (1)
Venom Spider (1)
Viasat (1)
Vice Society (1)
Vidar (1)
Vietnam (1)
Violet Typhoon (1)
Vixen Panda (1)
VoidLink malware (1)
Voldemort (1)
W4SP (1)
Wacatac (1)
WarHawk (1)
WarmCookie (1)
Wasabi exfiltration (1)
Web3 (1)
WhiteSnake (1)
Windows 11 (1)
WizardNet (1)
Woody RAT (1)
Wroba.o (1)
WyrmSpy (1)
XOR encryption (1)
XOR obfuscation (1)
XWorm (1)
Xamalicious (1)
Xorist (1)
YESROBOT (1)
YTTRIUM (1)
Ymir (1)
YouTube (1)
YouieLoad (1)
ZataNile (1)
ZeuS (1)
Zig programming language (1)
Zimbra (1)
Zloader (1)
Zoom phishing (1)
ZuRu malware (1)
Zupdax (1)
ad fraud operations (1)
adaptive stealth (1)
anti-EDR (1)
anti-VM checks (1)
anti-detection services (1)
automated transfer system (1)
aviation industry threats (1)
backdoor threat (1)
banking app hijacking (1)
brc4 (1)
cloud infrastructure security (1)
cloud resilience (1)
cloud-native malware (1)
command injection (1)
command-and-control (1)
container escape (1)
container security (1)
credential harvesting (1)
critical infrastructure warfare (1)
crylock (1)
cryptocurrency app attacks (1)
cryptocurrency mining botnet (1)
cryptocurrency wallet takeover (1)
cryptocurrency wallet theft (1)
custom C++ implant (1)
cyber warfare Iran APT groups (1)
cybersecurity defense (1)
data encryption (1)
decentralized C2 (1)
deepfake (1)
defense manufacturing (1)
developer security (1)
dynamic code loading (1)
dynamic obfuscation (1)
eBPF backdoor (1)
email exfiltration (1)
email stealer (1)
encryption (1)
encryption evolution (1)
espionage campaign (1)
evolving (1)
fake NFC overlay (1)
file encryption (1)
fileless malware (1)
financial fraud (1)
financial malware (1)
financial sector threats (1)
generative AI (1)
geopolitical lure (1)
global reconnaissance (1)
government targeting (1)
healthcare data breaches (1)
healthcare operational disruptions (1)
healthcare ransomware attacks (1)
hidden APK components (1)
high-value target attacks (1)
hospital cyber threats (1)
hybrid warfare (1)
hybrid warfare Iran cyber strategy (1)
iOS malware (1)
in-memory execution (1)
infostealer payloads (1)
initial access broker (1)
ios (1)
macOS backdoor (1)
macOS infostealer (1)
macOS security bypass (1)
malicious filename (1)
malvertising (1)
malware campaign (1)
malware infection chain (1)
malware infrastructure (1)
malware loader (1)
malware persistence (1)
maritime GPS spoofing (1)
military targeting (1)
mobile banking (1)
mobile banking fraud (1)
mobile espionage (1)
mobile malware (1)
mobile security analysis (1)
mobile security threats (1)
multi-factor authentication (1)
network intelligence (1)
new ransomware family (1)
npm malware (1)
on-device virtualization (1)
on-premises exploitation (1)
password stealer (1)
patient data theft (1)
persistence module (1)
persistence technique (1)
persistent access (1)
phishing overlay (1)
photo exfiltration (1)
post-exploitation activity (1)
post-exploitation framework (1)
process injection (1)
proof of concept (1)
public sector malware (1)
ransomware 2025 (1)
ransomware defense (1)
ransomware groups 2025 (1)
ransomware healthcare 2025 (1)
ransomware overlay (1)
ransomware trends (1)
ransomware upgrade (1)
remote access backdoor (1)
remote control Android (1)
rootkit (1)
runtime injection (1)
screen recording malware (1)
screenshot capture (1)
secondary DEX files (1)
shellcode injector (1)
social engineering attacks (1)
software supply chain attack (1)
southern Europe threats (1)
spyware distribution (1)
state-aligned threat (1)
state-sponsored AI (1)
stealthy authentication bypass (1)
steganography (1)
stolen code signing certificate malware (1)
story of the year (1)
strategic web compromise (1)
supply chain compromise (1)
supply chain cyber attack Thailand (1)
targeting (1)
token harvesting malware (1)
trends (1)
watering hole attacks (1)
web shell deployment (1)
x86 (1)
xls (1)
zero-day exploits (1)

See all

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies