stealthy
-
Turning Off the Cameras: How an Iran-Linked APT is Silencing .NET Telemetry Before It Starts
The threat landscape is shifting from simple payload delivery to sophisticated runtime manipulation. Recent intelligence highlights a significant escalation in…
Read More » -
JINX-0164: The Orchestrated Targeting of Crypto-Development Pipelines
A sophisticated new threat actor, identified as JINX-0164, has emerged with a specialized focus on infiltrating cryptocurrency organizations. Unlike broad-spectrum…
Read More » -
The Click You Didn’t Make: How Motorola’s “Helpful” Feed Hijacked Your Amazon Sessions
Motorola is currently under intense scrutiny following revelations that its preinstalled “Smart Feed” application was performing silent, unauthorized interceptions of…
Read More » -
Deep Dive: Analyzing Quasar Linux (QLNX), the Stealthy Supply-Chain Trojan
A sophisticated new threat actor has emerged in the Linux ecosystem: Quasar Linux (QLNX). Despite its name, this is not…
Read More » -
Supply Chain Compromise: art-template NPM Package Weaponized to Deliver Coruna iOS Exploits
In a sophisticated supply-chain attack, threat actors have compromised the widely utilized art-template npm package, transforming a trusted JavaScript templating…
Read More » -
Paper Werewolf Strikes Critical Infrastructure: Deconstructing the EchoGather RAT and PaperGrabber Campaign
Between March and April 2026, a sophisticated Russian-speaking threat actor identified as Paper Werewolf (also tracked as GOFFEE) initiated a…
Read More » -
Critical Zero-Day Alert: Unauthenticated Root Access via CVE-2026-0300 in Palo Alto Networks PAN-OS
Security operations centers (SOCs) worldwide are facing a high-stakes race against time. A sophisticated zero-day vulnerability, tracked as CVE-2026-0300, has…
Read More » -
Gamifying Malice: How Threat Actors are Turning Supply Chain Attacks into a Competitive Sport
The landscape of software supply chain security is facing a disturbing new evolution. Rather than traditional, stealthy infiltrations, a new…
Read More » -
Critical Security Advisory: GitLab Patches 25 Vulnerabilities Targeting CI/CD Pipelines and Session Integrity
GitLab has released an urgent security advisory to mitigate a significant cluster of vulnerabilities that pose a direct threat to…
Read More » -
Evolution of the ClickFix Campaign: Multi-Layered Persistence and Python-Based Proxying
The landscape of social engineering-driven malware is shifting from opportunistic, single-stage infections to sophisticated, multi-layered intrusion chains. A recently observed…
Read More » -
Evasion at Scale: How Kong RAT Bypasses EDR and Establishes Silent Persistence
A sophisticated cyber espionage campaign, active from approximately May 2025 through March 2026, has utilized advanced Search Engine Optimization (SEO)…
Read More » -
Stealthy Pivot: North Korean Actors Leverage Git Hooks for ‘Contagious Interview’ Malware Delivery
In a sophisticated evolution of the ongoing “Contagious Interview” campaign, North Korean threat actors have pivoted away from traditional delivery…
Read More » -
Threat Advisory: Malvertising Campaign Leverages Fake Claude AI Site to Deploy “Beagle” Backdoor via PlugX-Style Sideloading
Threat actors are currently executing a sophisticated social engineering campaign that weaponizes the popularity of Large Language Models (LLMs). By…
Read More »