Armored Likho APT leverages AI-generated malware and BusySnake Stealer
Armored Likho utilizes a modular and evolving toolkit that includes obfuscated remote access trojans (RATs), the Python-based BusySnake Stealer, and Go2Tunne...
Armored Likho utilizes a modular and evolving toolkit that includes obfuscated remote access trojans (RATs), the Python-based BusySnake Stealer, and Go2Tunne...
A targeted campaign in which the ToddyCat (aka APT-style) group leverages a previously observed loader family, Umbrij, to hijack Gmail accounts by abusing Go...
Network analysts who open packet captures in Wireshark push untrusted data through a large set of protocol dissectors, and each parser is a spot where a malf...
Cisco says the threat actor behind the LapDogs campaign has expanded its SOHO router malware toolkit with LongLeash, DogLeash, and JarLeash backdoors. The po...
Cisco Talos said China-linked APT UAT-7810 is growing its proxy relay network with new malware
Kaspersky details how the newly named Armored Likho APT uses BusySnake Stealer, AI-generated loaders, and phishing to target government and energy organizati...
A new intrusion campaign attributed to APT‑C‑20 (aka Fancy Bear, APT28) demonstrates the group’s continued refinement of stealthy, fileless techniques: weapo...
Codenotary has announced AgentMon 3, the latest generation of its enterprise AI security platform, introducing adaptive runtime security policies. These cont...
Yesterday, I talked about NAPTR records and how they are related to RCS. But there is another "odd" record that shows up in my DNS logs.
The TrojPix technique, developed by Shandong University researchers, exploits the video cable to radiate faint radio signals that can be captured by a nearby...
Researchers say the Iran-linked threat actor used an adaptable modular malware framework and compromised IT service providers to reach high-value targets in ...
Armored Likho APT uses AI-generated malware, phishing, and BusySnake Stealer to target governments and power grids in Russia, Kazakhstan, and Brazil. Kaspers...
iOS Bluetooth PAN Exploit - Ethernet Gateway without Adapter
The threat actor uses modular RATs and information stealers in financially motivated and cyber espionage campaigns. The post Armored Likho APT Targeting Gove...
Over the last year, with recent updates to iOS and Android, RCS (Rich Communication Services) has become an increasingly used protocol [1]. RCS is supposed t...
A fully autonomous AI agent conducted an end-to-end cyber intrusion and extortion campaign after exploiting a vulnerable Langflow server, demonstrating how l...
The SilverFox advanced persistent threat (APT) group has escalated its offensive toolkit by transforming ValleyRAT from a conventional remote access trojan i...
A focused phishing campaign operated by a previously unreported APT we’ve named Armored Likho (also tracked under the provisional alias Eagle Werewolf).
An inside look at the active Armored Likho APT campaign. The attackers are using spear-phishing, AI-generated loaders, and a new Python-based tool, BusySnake...
The LLM fixed a failed login attempt within 31 seconds, demonstrating real-time adaptability.