downloads
-
Exploiting Trust: How CVE-2026-35616 Turns FortiClient EMS into a Malware Distribution Engine
Security teams are currently navigating a sophisticated new threat landscape where the very tools meant to secure an organization are…
Read More » -
Technical Analysis: Sophisticated ValleyRAT Campaign Leverages DLL Sideloading via Fake Microsoft Teams Portals
Cybersecurity researchers have identified an active and highly organized campaign distributing a new variant of the ValleyRAT malware. This operation…
Read More » -
Supply Chain Alert: Compromised GitHub Actions Target CI/CD Secrets via Git Tag Manipulation
A sophisticated supply chain attack has been identified targeting the actions-cool/issues-helper GitHub Action. The breach leverages a highly effective technique…
Read More » -
Mini Shai-Hulud: Supply Chain Campaign Targets @antv Ecosystem
A sophisticated, large-scale supply chain attack has recently been detected targeting the npm registry, specifically compromising a wide array of…
Read More » -
Analyzing OtterCookie: The Node.js-Based Surveillance RAT Targeting Developer Workstations
A sophisticated new threat actor has emerged in the cybersecurity landscape: OtterCookie. Unlike many high-volume malware strains that focus on…
Read More » -
Paper Werewolf Strikes Critical Infrastructure: Deconstructing the EchoGather RAT and PaperGrabber Campaign
Between March and April 2026, a sophisticated Russian-speaking threat actor identified as Paper Werewolf (also tracked as GOFFEE) initiated a…
Read More » -
Supply Chain Security Under Siege: TeamPCP’s Aggressive Pipeline Attacks
A sophisticated, financially motivated threat actor operating under the moniker TeamPCP has launched an aggressive campaign targeting the bedrock of…
Read More » -
Evasion at Scale: How Kong RAT Bypasses EDR and Establishes Silent Persistence
A sophisticated cyber espionage campaign, active from approximately May 2025 through March 2026, has utilized advanced Search Engine Optimization (SEO)…
Read More » -
Hunting ModeloRAT: How Attackers are Hijacking Teams for High-Trust Social Engineering
Cybersecurity researchers have identified a sophisticated shift in the delivery tactics used by threat actors to deploy ModeloRAT. Rather than…
Read More » -
The Worm That Ate the Workflow: Unpacking the TanStack, React Router, and Mini Shai-Hulud Infection Chain
A sophisticated supply chain compromise has recently targeted the TanStack ecosystem, affecting 84 distinct npm packages. This wasn’t a simple…
Read More » -
Threat Advisory: Malvertising Campaign Leverages Fake Claude AI Site to Deploy “Beagle” Backdoor via PlugX-Style Sideloading
Threat actors are currently executing a sophisticated social engineering campaign that weaponizes the popularity of Large Language Models (LLMs). By…
Read More » -
Critical Flaws in Ollama: Memory Leaks, Persistent RCE, and What Every AI Operator Needs to Know
Ollama has rapidly established itself as the de facto standard for local large language model (LLM) deployment. With over 171,000…
Read More » -
Hologram: The Sophisticated Rust-Based Infostealer Hiding Behind a Fake OpenClaw Installer
Threat actors are significantly raising the bar for credential theft by leveraging highly sophisticated, modular frameworks. A recent campaign has…
Read More »