TAG EXPLORER
// BROWSE THREAT INTELLIGENCE BY TAG — 385 UNIQUE TAGS IN CACHE
All Tags
social engineering 10
credential theft 8
clickfix 5
credential harvesting 4
infostealer 4
macos 3
supply chain attack 3
phishing 3
living-off-the-land 2
windows 2
deno runtime 2
ransomware-as-a-service 2
gogra 2
stepdrainer 2
cryptocurrency 2
fake captcha 2
powershell 2
remote access 2
cryptominer 2
linux compromise 2
chm files 2
screenconnect 2
adaptixc2 2
cross-platform 2
maas 2
mimikatz 2
redsun 2
privilege escalation 2
cryptocurrency wallet theft 2
process injection 2
rootkit 1
stealth 1
ai-assisted 1
lkm 1
voidlink 1
vidar 1
lumma stealer 1
odyssey stealer 1
lummastealer 1
netsupport rat 1
redline stealer 1
initial access 1
obfuscation 1
macsync 1
rtf exploitation 1
ctos rat 1
uwarrior 1
castleloader 1
caddy proxy 1
tsundere botnet 1
trigona 1
kernel driver abuse 1
wktools 1
stpprocessmonitorbyovd 1
malextractor 1
hrsword 1
dumpguard 1
gopherwhisper 1
laxgopher 1
ratgopher 1
boxoffriends 1
go-based backdoors 1
jabgopher 1
china-aligned apt 1
frienddelivery 1
cloud infrastructure abuse 1
browser extension 1
snowbelt 1
microsoft teams phishing 1
brickstorm 1
snowglaze 1
snowbasin 1
wallet-phishing 1
etherrat 1
smart-contract-abuse 1
drainer-as-a-service 1
miolab 1
irsf 1
sms fraud 1
click2sms 1
tds 1
lua virtual machine 1
fast16 1
shadowbrokers 1
cyber sabotage 1
floating-point corruption 1
two-factor authentication 1
browser security 1
chrome extension 1
fraudulent paywall 1
aiframe campaign 1
iframe injection 1
trivy 1
fileless execution 1
dropper 1
persistence mechanism 1
brand abuse 1
document decoy 1
ultravnc 1
trojanized installer 1
foxit impersonation 1
ai agents 1
css concealment 1
llm exploitation 1
api key theft 1
indirect prompt injection 1
prompt injection techniques 1
web poisoning 1
financial fraud 1
domain generation algorithm 1
angler exploit kit 1
foreign exchange rates 1
ad-fraud botnet 1
cyclic groups 1
cve-2015-0311 1
group theory 1
bedep 1
angler 1
dga 1
self-propagating 1
worm 1
icp canister 1
pypi 1
canisterworm 1
npm 1
repocket 1
botnet 1
multiple threat actors 1
systemd-logind 1
dnser 1
ai-assisted remediation 1
earnfm 1
fkkkf 1
cve-2025-55182 1
xmrig 1
fh8a7d7m 1
data exfiltration 1
react2shell 1
docker hub poisoning 1
github actions 1
mcpaddon.js 1
npm propagation 1
ci/cd compromise 1
canister worm 1
checkmarx kics 1
vs code extension 1
supply chain compromise 1
scheduled task 1
cmdkey 1
unc path 1
lolbins 1
remote dll 1
regsvr32 1
dprk 1
astrill vpn 1
vpn infrastructure 1
freelance platforms 1
fake it workers 1
cryptocurrency fraud 1
residential proxies 1
sanctions evasion 1
information stealer 1
anti-analysis techniques 1
agent tesla 1
compiled html help 1
ftp exfiltration 1
javascript obfuscation 1
adobe lure 1
phone link 1
uri handler exploitation 1
password.exe 1
sumatrapdf 1
cobaltstrike 1
adaptixc2 beacon 1
entryshell 1
toshis 1
tropic trooper 1
chinese targets 1
cobaltstrike beacon 1
toshis loader 1
github c2 1
graphon 1
south asia espionage 1
linux backdoor 1
microsoft graph api 1
azure ad abuse 1
nation-state 1
rust 1
virtualization 1
chacha8 1
hyper-v 1
vmware 1
esxi 1
kyber 1
crypto clipper 1
twizadmin 1
multi-platform 1
russian-speaking 1
crpx0 1
ransomware 1
cryptocurrency theft 1
formbook 1
mandark 1
syscall evasion 1
obfuscated javascript 1
data-stealing 1
panthomvai 1
mandark loader 1
ntdll mapping 1
phishing campaigns 1
dll side-loading 1
cmstplua-uac-bypass 1
azure-trusted-signing 1
cryptor-as-a-service 1
dll-sideloading 1
etw-patching 1
amsi-bypass 1
fudcrypt 1
espionage 1
backdoor 1
south korea diplomacy 1
lotuslite 1
dll sideloading 1
india banking 1
javascript loader 1
russian-speaking actor 1
ai-augmented attacks 1
cve-2023-27532 1
backup infrastructure targeting 1
vpn exploitation 1
active directory compromise 1
cve-2024-40711 1
meterpreter 1
fortigate 1
dcsync 1
credential abuse 1
cve-2019-7192 1
mach-o man 1
browser stealing 1
pylangghostrat 1
mach-o binaries 1
telegram exfiltration 1
fintech targeting 1
handypay trojanization 1
brazil targeting 1
ngate 1
fake lottery 1
nfc relay 1
ai-generated code 1
pin theft 1
phantomcard 1
payment card fraud 1
agenttesla 1
phishing email 1
trojan campaigns 1
fake invoices 1
remcosrat 1
script-based attacks 1
html phishing 1
dev#popper rat 1
omnistealer 1
git history tampering 1
vs code exploitation 1
worm propagation 1
fake job interview 1
blockchain infrastructure 1
invisibleferret 1
repository poisoning 1
north korea 1
developer targeting 1
beavertail 1
ottercookie 1
destructive attack 1
targeted campaign 1
critical infrastructure 1
batch scripts 1
venezuela 1
disk wiping 1
lotus wiper 1
energy sector 1
undefend 1
beigeburrow 1
nightmare-eclipse 1
cve-2026-33825 1
windows defender bypass 1
bluehammer 1
fortigate vpn 1
session hijacking 1
applescript 1
browser data exfiltration 1
persistent access 1
microsoft entra id 1
device code flow 1
graph api 1
oauth 1
token hijacking 1
smart contract 1
stager api 1
crypto 1
redsun.exe 1
microsoft defender 1
zero-day 1
system access 1
tieringengineservice 1
filesystem manipulation 1
cobalt-strike 1
domain-compromise 1
the gentlemen 1
psexec 1
systembc 1
esxi-encryption 1
lateral-movement 1
cobalt strike 1
anydesk 1
group-policy-deployment 1
flowerstorm 1
iocs 1
cloudflare 1
provisioning profiles 1
fakewallet 1
chinese targeting 1
enterprise certificates 1
ios 1
phishing apps 1
sparkkitty 1
muddywater infrastructure 1
in-memory execution 1
seedworm 1
microsoft teams 1
dindoor 1
dindoor backdoor 1
iran apt 1
dinodance 1
codex ai 1
multi-actor 1
edr evasion 1
monero mining 1
nwhstealer 1
fake vpn 1
dll hijacking 1
browser data theft 1
uac bypass 1
evilsun 1
financial sector 1
lemonstick 1
steelcorgi 1
rollcoast 1
pam backdoor 1
oracle solaris 1
cve-2019-0708 1
managed service providers 1
oksolo 1
tinyshell 1
anti-forensics 1
unc1945 1
virtual machines 1
slapstick 1
logbleach 1
pupyrat 1
openshackle 1
ssh tunneling 1
cve-2020-14871 1
mgbot 1
lateral movement 1
network detection 1
post-exploitation framework 1
coolclient 1
command-and-control 1
toneshell 1
vbcloud 1
cloudatlas 1
edr 1
powershower 1
vbshower 1
cve-2024-3721 1
mirai variant 1
mirai 1
persistence mechanisms 1
iot botnet 1
multi-architecture 1
credential brute-force 1
tbk dvr exploitation 1
nexcorium 1
ddos attacks 1
cve-2017-17215 1
Pulses tagged "voidlink" — 1
Illuminating VoidLink: Technical analysis of the VoidLink rootkit framework
2 IOCs