THREAT ACTORS
// SEARCH THREAT ACTOR PROFILES VIA OTX PULSE INTELLIGENCE
Search Threat Actor or Group
APT28 APT29 Lazarus Cobalt Strike REvil LockBit TA505 Fancy Bear
Results for "rat" — 57157 pulse(s) found from cache
SORT Newest Oldest
NPM Package Supply Chain Compromise Leads to RAT Deployment
axios packagepostinstall scriptdeveloper environmentsratnpm package compromisedependency poisoning
2026-04-10 AlienVault
7
IOCs
Payroll pirate attacks targeting Canadian employees
malvertisingcredential phishingcve-2025-27152payroll fraudsession hijackingaitm
2026-04-09 AlienVault ⚑ Storm-2755
3
IOCs
The long road to your crypto: ClipBanker and its marathon infection chain
2026-04-09 AlienVault
12
IOCs
North Korea's Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads
developer toolingstaged loaderpypi npmratcryptocurrency walletcontagious interview
2026-04-08 AlienVault ⚑ Contagious Interview
4
IOCs
Leveling Up with NightSpire Ransomware
persistence mechanismsremote desktopdata exfiltrationnightspireransomware-as-a-serviceraas
2026-04-08 AlienVault ⚑ NightSpire
2
IOCs
APT28 exploit routers to enable DNS hijacking operations
exploittp-linkdns hijackingrussiaoauthapt28
2026-04-07 AlienVault ⚑ APT28
59
IOCs
Threat Brief: Widespread Impact of the Axios Supply Chain Attack
javascript trojandprk attributionsupply chain attackaxios librarycross-platform ratplain-crypto-js
2026-04-01 AlienVault
45
IOCs
Stranger Strings: Yurei Ransomware Operator Toolkit Exposed
Yurei RansomwareNetExecNetScanInfostealersAnyDesk
2026-04-01 AlienVault
6
IOCs
Inside the Axios supply chain compromise - one RAT to rule them all
Supply Chain Attacknpm Package CompromiseJavaScriptaxios
2026-04-01 AlienVault
8
IOCs
From Inbox to Intrusion: Multi‑Stage Remcos RAT and C2‑Delivered Payloads in Network
js dropperremote access trojanremcosphishingrat
2026-04-01 AlienVault
12
IOCs
A laughing RAT: CrystalX combines spyware; stealer; and prankware features
malware-as-a-servicecrystalxratmaas
2026-04-01 AlienVault
9
IOCs
Ringing in Chaos: How TeamPCP Weaponized the Telnyx Python SDK
credential theftratexfiltrationmsbuild.exesysmon.pypersistence
2026-03-31 AlienVault ⚑ TeamPCP
47
IOCs
Bogus website fakes virus scan, installs Venom Stealer instead
venom stealerimpersonationscare tacticsfake antiviruscredential theftphishing
2026-03-27 AlienVault
3
IOCs
CastleRAT attack first to abuse Deno JavaScript runtime to evade enterprise security
clickfixsocial engineeringcastleratdenojavascriptapi abuse
2026-03-11 AlienVault
6
IOCs
An Investigation Into Years of Undetected Operations Targeting High-Value Sectors
superdumpxnoteantswordscanportplusgodzillasliver
2026-03-06 AlienVault ⚑ CL-UNK-1068
44
IOCs
MuddyWater Exposed: Inside an Iranian APT operation
cve-2025-52691vulnerability exploitationcve-2022-42475arenac2moiscve-2025-34291
2026-03-05 AlienVault ⚑ MuddyWater 🎯 Israel, Jordan, Egypt, United Arab Emirates, Portugal, United States of America
19
IOCs
Iranian APT Infrastructure in Focus: Mapping State-Aligned Clusters During Geopolitical Escalation
proactive defensegeopolitical tensionstls fingerprintingtonnerreinfrastructure analysiscyberattacks
2026-03-04 AlienVault ⚑ MuddyWater 🎯 United States of America, Iran, Islamic Republic of, Israel
15
IOCs
Browse all pulses by OTX author username:
View Author Profile: rat