Threat Profile: APT35 (Charming Kitten)
Executive Summary APT35, also known as Magic Hound and Charming Kitten, is an Iranian state-backed...
Read More
Suspicious ScreenConnect Abuse by Threat Actors
Recently observed an uptick in threat actors abusing RMM tools for initial access via...
Read More
Threat Profile: Conti Ransomware Group
Executive Summary Conti ransomware, first identified in 2019, quickly became one of the most...
Read More
MuddyWater: Inside Iran’s Persistent Cyber-Espionage Group Targeting the Middle East
MuddyWater, a long-running Iranian cyber-espionage group affiliated with Iran’s Ministry of...
Read More
Marketing’s Shadow Twin: Cybercrime’s Use of Legitimate Online Platforms
Introduction digital analytics tools—such as link shorteners, location trackers, CAPTCHAs, and...
Read More
Scattered Spider – UNC3944: A Comprehensive and Detailed Threat Profile
Scattered Spider (also known by aliases such as 0ktapus, Muddled Libra, Roasted 0ktapus, Scatter...
Read More
Qilin Ransomware: A Deep Dive into Operations & OPSEC Breakdowns
A Major Power Shift: The Sudden Disappearance of RansomHub One of the most pivotal developments in...
Read More
Critical SharePoint Vulnerability CVE-2025-53770: Remote Code Execution via ViewState Abuse
On the evening of July 18, 2025, active and large-scale exploitation of a newly discovered...
Read More
How Shortcut Files (.LNK) used to Deliver Ransomware
Windows Shortcut files — commonly known as LNK files — are a core part of the Windows...
Read MoreClickFix Chaos: A Deep Dive into Rhadamanthys Infostealer’s Stealth and Steal Tactics
While hunting for phishing domains, I came across this suspicious...
Read More