🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Anyone at FIRST.org welcome party? Lets catch up!

FileFix - A ClickFix Alternative mrd0x.com/filefix-clickf…

We ( Sathwik Ram Prakki & me) presented our research on Cobalt Whisper & UNG0002( campaigns related to it) at FIRST.org at Copenhagen! Met some cool folks such as Gi7w0rm , collected some conference swags from TeamT5 , research & presentation to be released soon!

Pretty city, indeed!

"The new Windows capabilities will allow them to start building their solutions to run outside the Windows kernel. This means security products like anti-virus and endpoint protection solutions can run in user mode just as apps do." 👀 blogs.windows.com/windowsexperie…

A follow up on last week’s FileFix blog. FileFix (Part 2) mrd0x.com/filefix-part-2/

Found a few interesting samples a few days ago targeting Ukranian(?) speaking entities, here are the SHAs 0a99a8c7fb31ac586c46344c4cfed7ea29a27d73f5727b0265b771fa2d7ef96c 6c5a89c3dd7b596fd1be2aa88eddb3234bf6f006638c9bb3e04c33f416d28080 mostly LNK & ZIP MalwareHunterTeam Szabolcs Schmidt

When, I blogged about this campaign, I was always skeptical that it is an internal cybersecurity exercise, but I was highly doubtful, thus named it 'DRAGONCLONE', but man using exact infra on "targeting SAP NetWeaver Visual Composer" & "government-led cyber exercise" is wild....

🚨🆕🐟🍟 New blog from me and the amazing Threat Insight team covering recent activity by multiple China-aligned threat actors targeting semiconductor companies in Taiwan over the past few months: proofpoint.com/us/blog/threat…

Weird ZIP file surfaced from Brazil 🇧🇷 a6233e8968684230dc60e6c7612a75e2705af6750a863a08d807e7e0dbcd61d6 257hiiq23[.]turbao[.]xyz MalwareHunterTeam Szabolcs Schmidt Mikhail Kasimov

#SideCopy #APT #Phishing Tour Programme Ayodhya.pdf.lnk c59efe3739ae3e2814ff48f41b0d0ad8 ompowerterminus[.]com SVNUpdates #MSI 4cc0cc070ec8a51b437ddc393487bb7e DUI70.dll #CurlBackRAT f4a82380cc0e246a4f576bc81fa6f879 #C2 backup[.]intelupates[.]com #APT36 #TransparentTribe

A new report traces the history of the early wave of Chinese hackers who became the backbone of the state's espionage apparatus. wired.com/story/china-ho…

⚠️ WARNING - Fake CVs are being used to breach defense, energy & aviation sectors in Asia. Espionage group UNG0002 is deploying Cobalt Strike, Shadow RAT & fake gov CAPTCHA pages in targeted attacks across China, Hong Kong & Pakistan. Full breakdown → thehackernews.com/2025/07/ung000…

A recent analysis reveals that Operation CargoTalon targets the Russian aerospace sector using the EAGLET implant, exploiting spear-phishing tactics to execute malicious commands and exfiltrate sensitive data. #CyberSecurity #Malware ift.tt/nFOKl3Z

🚨 Russian defense firms hit by stealth cyberattack! Hackers deployed a new backdoor—EAGLET—to spy on aerospace targets via fake logistics docs tied to sanctioned rail firms. Read → thehackernews.com/2025/07/cyber-…

Thanks for referencing the research! The Hacker News

14137558073301053ccb26440d07e2def8a0add9029d42c4bf0776bf3c0f5659 (LNK) hxxps[://]datamero[.]org virustotal.com/gui/file/14137… Final Payload : virustotal.com/gui/file/14137… Mikhail Kasimov Arctic Wolf MalwareHunterTeam