trojan
-
The Rise of BYOVD: Exploiting Trusted Drivers to Blind Endpoint Defense
In the modern threat landscape, the battleground has shifted from simple file execution to sophisticated kernel-level manipulation. Hackers are increasingly…
Read More » -
Unmasking CL-STA-1062: The Stealthy Threat Targeting Southeast Asian Infrastructure
During 2025, a Chinese-speaking threat actor, tracked as CL-STA-1062, significantly escalated its regional operations. Targeting government entities and critical energy…
Read More » -
Deep Dive: The Synergy of ModeloRAT and Backdoor.Mistic in Initial Access Brokerage
Security researchers are uncovering a sophisticated operational pipeline linking the Python-based remote access trojan (RAT) ModeloRAT with a newly identified…
Read More » -
Social Engineering at Scale: How a Fake Document Utility Deployed Anatsa Banking Trojan to 100K Users
A sophisticated Android malware campaign has recently been identified, leveraging a deceptive “document reader” application to distribute the notorious Anatsa…
Read More » -
In-Memory Evasion: Deconstructing the “Dropping Elephant” China-Themed Loader Chain
A sophisticated threat actor, tracked as “Dropping Elephant,” has deployed a highly evolved campaign characterized by the use of China-themed…
Read More » -
Weaponizing Repositories: Analyzing a Massive 10,000-Node Malware Campaign on GitHub
A sophisticated, large-scale malware distribution infrastructure has been uncovered leveraging the trust inherent in the GitHub ecosystem. This coordinated campaign…
Read More » -
Exploiting Trust: How Malvertisers Leveraged GitLab and Claude.ai for In-Memory RAT Deployment
A highly sophisticated malvertising and social engineering campaign has recently emerged, showcasing a tactical pivot from weaponized GitLab Pages to…
Read More » -
Rokarolla: zLabs Uncovers Sophisticated Android Banking Trojan
Cybersecurity researchers have uncovered a highly capable Android banking trojan dubbed Rokarolla—a name derived directly from its Command-and-Control (C2) infrastructure.…
Read More » -
Stealth via Infrastructure: How DragonForce Leverages Microsoft Teams TURN Relays for C2
In a sophisticated display of living-off-the-trusted-infrastructure, the DragonForce ransomware group has successfully weaponized Microsoft Teams’ backend architecture to mask malicious…
Read More » -
APT37 Unmasked: The Highly Targeted NarwhalRAT Campaign
The threat actor identified as APT37 is currently deploying a highly sophisticated, multi-stage intrusion chain centered around NarwhalRAT. This campaign…
Read More » -
Technical Analysis: BLUERABBIT – A Modular Golang Backdoor with Destructive Payload Capabilities
Security researchers have identified a sophisticated new Golang-based backdoor, dubbed BLUERABBIT, designed to execute a multi-stage attack lifecycle on Windows…
Read More » -
Technical Analysis: The Evolution of NFCShare Android Banking Trojan
A sophisticated and operationally refined iteration of the NFCShare Android banking trojan has surfaced, specifically engineered to facilitate NFC-based card…
Read More » -
DATA, DLLs, and PlugX: Deconstructing Mustang Panda’s Latest Move
Recent threat intelligence reveals a sophisticated campaign by Mustang Panda, a China-nexus APT group frequently linked to espionage against government…
Read More » -
PHANTOMPULSE: A Sophisticated, Blockchain-Driven Remote Access Trojan
Recent technical analysis has brought to light the complexities of PHANTOMPULSE, a highly sophisticated Remote Access Trojan (RAT) engineered for…
Read More »