APT, APT (Targeted attacks), APT reports, Backdoor, Cloud Atlas, Cybersecurity, Malware descriptions, Malware Technologies, Microsoft Windows, Phishing, PowerShell, SSH, Targeted attacks, Windows malware
Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
In 2025, we observed pervasive SSH...
APT, APT (Targeted attacks), APT reports, Backdoor, Cybersecurity, Dropper, GitHub, GReAT research, Kimsuky, Malware, RAT, RC4, Spear phishing, Targeted attacks, Windows malware
Kimsuky targets organizations with PebbleDash-based tools
Over the past few months, we...
AI, APT, CVE, Cybersecurity, Exploit Kits, linux, Microsoft Office, Microsoft Windows, Open source, Unix and macOS malware, Vulnerabilities and exploits, Vulnerability reports, Vulnerability Statistics, Windows malware
Exploits and vulnerabilities in Q1 2026
During Q1 2026, the exploit kits...
APT, APT (Targeted attacks), APT reports, Cybersecurity, GReAT research, Malware, Malware descriptions, Malware Technologies, OceanLotus, Python, Supply-chain attack, Targeted attacks, ZiChatBot
OceanLotus suspected of using PyPI to deliver ZiChatBot malware
Introduction Through our daily threat hunting,...
ABCDoor, APT, APT (Targeted attacks), APT reports, Backdoor, Cybersecurity, GReAT research, Malware, Malware descriptions, Malware Technologies, RAT, RustSL, Silver Fox, Spam and phishing, Spear phishing, Targeted attacks, Trojan, ValleyRAT
Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India
In December 2025, we detected a...
Apple, Apple iOS, APT, APT (Targeted attacks), Cybersecurity, encryption, Exploit Kits, GReAT research, Malware descriptions, Mobile Malware, Mobile threats, Safari, Triangulation, Vulnerabilities and exploits, Zero-day vulnerabilities
Coruna: the framework used in Operation Triangulation
Introduction On March 4, 2026, Google...
APT, CVE, Cybersecurity, Drivers, linux, Microsoft Office, Microsoft Windows, Mythic Framework, React2Shell, ToolShell, Vulnerabilities, Vulnerabilities and exploits, Vulnerability reports, Vulnerability Statistics, WinRAR, Zero-day vulnerabilities
Exploits and vulnerabilities in Q4 2025
The fourth quarter of 2025 went...
APT, APT (Targeted attacks), APT reports, Backdoor, Browser, Cybersecurity, Firefox, Google Chrome, GReAT research, HoneyMyte, Infostealers, Malware, Malware descriptions, Malware Technologies, Microsoft Edge, Targeted attacks, Trojan-stealer
HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns
Over the past few years, we’ve...
APT, APT (Targeted attacks), APT reports, Backdoor, Cybersecurity, GReAT research, HoneyMyte, Malware, Malware descriptions, Rootkits, Targeted attacks
The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor
Overview of the attacks In mid-2025,...
APT, APT (Targeted attacks), APT reports, Cybersecurity, Defense evasion, DNS manipulation, encryption, Evasive Panda, GReAT research, Malware, Malware descriptions, Malware Technologies, shellcode, Targeted attacks, Windows malware
Evasive Panda APT poisons DNS requests to deliver MgBot
Introduction The Evasive Panda APT group...