ClickFix Removes Your Background but Leaves the Malware
netsupport rat, clickfix, reflective loader, castleloader, social engineering
2026-04-30 AlienVault TLP:WHITE
22 IOCs
ClickFix
Energy Sector Incident Report
energy sector, cve-2024-2617, rubeus, dynowiper, lazywiper, destructive operations +7
2026-04-30 AlienVault Poland TLP:WHITE
38 IOCs
Static Tundra
Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India
python backdoor, silver fox, winos 4.0, valleyrat, ABCDoor
2026-04-30 AlienVault British Indian Ocean Territory, India, Indonesia, Japan, Russian Federation, South Africa TLP:WHITE
144 IOCs
Silver Fox
Komari Red: The Monitoring Tool with a Built-in Reverse Shell
rdp-enablement, credential-theft, sslvpn-compromise, impacket, nssm-persistence, reverse-shell +2
2026-04-30 AlienVault TLP:WHITE
1 IOCs
DDoS-for-Hire Operation Exposed: How an Operator's Debug Build Unraveled a Commercial Game-Server Botnet
minecraft, game server targeting, ddos-for-hire, mirai-derived, vltrigxlabs_v1 +4
2026-04-29 AlienVault TLP:WHITE
12 IOCs
Tadashi
Kuse Web App Abused to Host Phishing Document
fake login page, credential harvesting, vendor email compromise, supply chain, ai platform abuse, markdown file +2
2026-04-29 AlienVault TLP:WHITE
3 IOCs
Kimsuky's Advanced Attack Techniques: JSONPing, Webex Spoofing, and a New HttpSpy Variant
spear phishing, httpspy, webex spoofing, loaddll.dll, south korea targeting, memloader +7
2026-05-29 AlienVault TLP:WHITE
58 IOCs
Kimsuky
Operation XENOFISCAL: SideCopy deploying persistent XenoRAT targeting the MoF, Afghanistan
sidecopy, xenorat, transparent tribe, apt36, pashto lure, provincial targeting +4
2026-05-29 AlienVault Afghanistan TLP:WHITE
16 IOCs
SideCopy
Phoenix Rising: Exposing the PhaaS Kit Behind Global Mass Phishing Campaigns
credential harvesting, smishing, phaas, mfa bypass, phoenix system, financial fraud +1
2026-04-29 AlienVault TLP:WHITE
24 IOCs
LofyStealer: Malware targeting Minecraft players.
browser data, infostealer, chromelevator, grabbot, node.js loader, credential theft +4
2026-04-29 AlienVault TLP:WHITE
6 IOCs
LofyGang
Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia
vshell, proxylogon exploitation, godzilla, exchange server compromise, ringq, godzilla webshell +2
2026-04-30 AlienVault British Indian Ocean Territory, India, Malaysia, Myanmar, Pakistan, Poland, Sri Lanka, Taiwan, Thailand TLP:WHITE
94 IOCs
SHADOW-EARTH-053
Typosquatted npm packages used to steal cloud and CI/CD secrets
typosquatting, elasticsearch, supply-chain-attack, opensearch, npm
2026-05-29 AlienVault TLP:WHITE
7 IOCs
vpmdhaj
The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
go language, kazuar, ransomware-as-a-service, the gentlemen
2026-05-28 AlienVault TLP:WHITE
4 IOCs
Storm-2697
FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch
endpoint exploitation, ekz infostealer, forticlient ems, vpn configuration abuse, cve-2026-35616
2026-05-28 AlienVault TLP:WHITE
10 IOCs
User interaction with a ClickFix-style phishing site resulted in execution of an obfuscated PowerShell command
phishing, lumma stealer, powershell, information stealer, credential theft, hijackloader +3
2026-04-29 AlienVault TLP:WHITE
12 IOCs