Threat Hunting & Intel
AsyncRAT SEO Poisoning Campaign Targets Software Downloads
AsyncRAT: SEO Poisoning Hits Software Downloads | 2026 Executive Summary In March 2026, NCC Group and FOX-IT disclosed that an unknown threat actor had been run...
Lucas Oliveira
Research
ClayRat Android spyware collapse after arrest in Russia
ClayRat: Android spyware operation collapses after arrest | 2026 Executive Summary ClayRat is an Android spyware operation that targeted users in Russia and app...
Lucas Oliveira
Research
Namibia Airports Company breach claim raises admin-access risk
Namibia Airports Company breach claim raises admin-access risk | 2026 Executive Summary Namibia Airports Company (NAC) disclosed that it detected a cybersecurit...
Lucas Oliveira
Research
GlassWorm Shifts to Transitive Open VSX Dependencies in Developer Supply-Chain Push
GlassWorm Shifts to Transitive Open VSX Dependencies in Developer Supply-Chain Push GlassWorm is no longer just a story about obviously malicious extensions. Th...
Lucas Oliveira
Research
Cline CLI 2.3.0 supply chain attack silently installed OpenClaw on developer systems
Cline CLI 2.3.0 supply chain attack silently installed OpenClaw on developer systems Executive summary The Cline CLI supply chain incident is a practical remind...
Lucas Oliveira
Research
FBI seizes Handala sites after destructive Stryker hack
FBI seizes Handala sites after destructive Stryker hack | 2026 Executive Summary The FBI and U.S. Department of Justice have seized two websites linked to Handa...
Lucas Oliveira
Research
DarkSword iOS Exploit Chain Hits Multiple Threat Actors
DarkSword iOS Exploit Chain Hits Multiple Threat Actors Executive Summary Google Threat Intelligence Group says DarkSword is a full-chain iOS [exploit](https://...
Lucas Oliveira
Research
DarkSword iOS Exploit Chain Hits Multiple Threat Actors
DarkSword shows how iPhone zero-days spread far beyond a single operator Executive Summary Google Threat Intelligence Group says DarkSword is a full-chain iOS [...
Lucas Oliveira
Research
RondoDox botnet shifts to focused exploitation across 174 flaws
RondoDox botnet shifts to focused exploitation across 174 flaws The RondoDox botnet is no longer just another noisy vulnerability spray-and-pray operation. New...
Lucas Oliveira
Research
Slopoly Shows How AI-Generated Malware Is Entering Ransomware Operations
Slopoly Shows How AI-Generated Malware Is Entering Ransomware Operations | 2026 Executive Summary IBM X-Force says a ransomware-linked intrusion involved a like...
Lucas Oliveira
Research
OpenClaw AI Agents Can Leak Data via Indirect Prompt Injection
OpenClaw AI Agents Can Leak Data via Indirect Prompt Injection | 2026 Executive Summary OpenClaw is facing renewed scrutiny after reporting from The Hacker News...
Lucas Oliveira
Research
CVE-2025-26399: SolarWinds WHD Exploitation Hits Servers
CVE-2025-26399: SolarWinds WHD Exploitation Hits Servers | 2026 Executive Summary CVE-2025-26399 in SolarWinds Web Help Desk has moved from “critical but patcha...
Lucas Oliveira
Research