Inside Modern Supply Chain Intrusions: From CI/CD Abuse to Ecosystem-Wide Compromise
Modern supply chain intrusions are attacks that compromise trusted software development systems,...
Read More
Behind .payload: In-Depth Technical Analysis of Payload Ransomware
Payload ransomware is a Windows ransomware family that appends the .payload extension to encrypted...
Read More
PlugX DLL Sideloading via MSI Installer: Complete Malware Analysis of a KorPlug Campaign
PlugX (KorPlug) is a modular remote access trojan delivered in this campaign through an MSI-based...
Read More
Phantom Stealer Analysis: Inside the Two-Layer Attack Chain Hidden Behind a Windows DLL
Phantom Stealer is a two-layer Windows infostealer attack chain that uses a malicious pdh.dll...
Read More
Salat Stealer Analysis: Go-Based RAT, C2 Resilience, and Info-Stealing Capabilities
Executive Overview Salat Stealer is a sophisticated Go-based Remote Access Trojan (RAT) with deep...
Read More
Beyond TTPs: A Better Way to Attribute APT Activity Through Campaign Linkage
Introduction Attribution in cyber threat intelligence has long been built around the concept of...
Read More
In-Depth Technical Analysis Of VECT Ransomware
Overview On January 19, 2026, the Vect ransomware operation publicly announced its affiliate...
Read More
Crypto Money Laundering
Crypto Money Laundering: Definition, Stages, and Common Techniques Money laundering is the process...
Read More
The Ransomware Ecosystem: Roles, Tools, and How Modern RaaS Attacks Work
Ransomware is no longer just a malicious program deployed by a single attacker — it has evolved...
Read More
Smishing Triad Targets Egypt’s Financial Sector and Postal Services
Recently, during one of our threat hunting operations, our squad identified multiple malicious...
Read More