Shai-Hulud V2 is an advanced supply chain campaign that abused the npm ecosystem to compromise over 700 packages, create 27,000+ malicious GitHub repositories, and expose roughly 14,000 secrets across hundreds of organizations. It leverages preinstall execution, Bun-based payloads, self-hosted GitHub Actions runners, cross-victim credential recycling, and a destructive dead man’s switch to maximize persistence, propagation, and data exfiltration. #ShaiHulud #npm
Category: Threat Research
The Water Saci campaign in Brazil leverages multi-format delivery via WhatsApp (HTA, ZIP, PDF) and a layered MSI/AutoIt loader to deploy a banking trojan with persistence and process-hollowing techniques. The actors also automated propagation via WhatsApp using a Python port of a PowerShell automation (whatsz.py / tadeu.ps1), employed IMAP-based C2 retrieval…
Cato CTRL found that Anthropicâs Claude Skills single-consent model lets approved Skills run hidden helper code with persistent permissions to read/write files, download and execute external scripts, and open outbound connections without additional prompts. In a controlled PoC they modified the open-source GIF Creator Skill to fetch and run a live MedusaLocker ransomware payload, demonstrating an end-to-end attack chain and large-scale enterprise impact. #MedusaLocker #ClaudeSkills
Check Point Research disclosed that on November 30, 2025 a critical exploit against Yearn Financeâs yETH pool on Ethereum allowed an attacker to mint 235 septillion yETH by depositing just 16 wei, resulting in roughly $9 million stolen. The root cause was a cached storage bug where packed_vbs[] residual values were not reset when supply hit zero, enabling a capitalâefficient stateâpoisoning exploit; #YearnFinance #yETH
New 2025 samples of eBPF-abusing malware show continued evolution: Symbiote uses UDP port-hopping on high ports for stealthy C2 while BPFDoor added IPv6 support and hides C2 in DNS (UDP/53). Fortinet detects these families (Linux/Symbiote.B!tr, Linux/BpfDoor.F!tr) and provides antivirus and IPS signatures to block reverse shells and C2 traffic. #Symbiote #BPFDoor
Jamf Threat Labs analyzed a multi-stage FlexibleFerret campaign that uses fake recruitment websites and staged hiring assessments to socially engineer macOS users into running Terminal commands that download and execute a shell loader and Go backdoor. The attack establishes persistence via a LaunchAgent, displays a decoy MediaPatcher.app to capture Chrome credentials and keychain data, and exfiltrates harvested data using the Dropbox upload API as part of the Contagious Interview operation. #FlexibleFerret #ContagiousInterview
A sudden collapse in Salty2FA infrastructure in late October 2025 coincided with samples that contained indicators, code, and delivery fallbacks from both Salty2FA and Tycoon2FA, producing single payloads that executed stages from each kit. This hybridization complicates attribution and detection, and suggests defenders should treat Salty2FA and Tycoon2FA as a linked…
Threat actors exploited the high volume of legitimate Black Friday marketing to run convincing phishing campaigns impersonating retailers like Amazon and Louis Vuitton, using newly registered domains, redirects, and cloud-hosted links to harvest credentials or deliver payloads. Darktrace / EMAIL detected and blocked multiple such campaigns in November 2025 by identifying anomalous senders, short-lived domains, and hidden malicious links #Amazon #Darktrace
TAG-150 is a growing Malware-as-a-Service operator active since March 2025 that uses two custom families, CastleLoader (a loader) and CastleRAT (a RAT), to run large-scale, modular, multi-stage campaigns primarily targeting the United States. Darktrace observed and contained an early-stage CastleLoader infection that connected to C2 infrastructure at 173.44.141[.]89 by using Autonomous Response to block external connections and enforce a group pattern of life. #TAG-150 #CastleLoader
DragonForce-linked RaaS activity in a manufacturing case began with internal network scanning and brute-force attempts against administrator accounts, progressed through privileged Kerberos and SMB usage, and included SSH data exfiltration to 45.135.232[.]229 (ASN AS198953 Proton66 OOO) before culminating in SMB-based file encryption with a .df_win extension and a ‘readme.txt’ ransom note. Darktrace observed OpenVAS user-agent strings, suspicious Windows Registry changes affecting WMI and scheduled tasks, and NetScan-associated ‘delete.me’ files but the absence of Autonomous Response allowed the intrusion to advance. #DragonForce #Proton66
Arkanix is a newly observed information stealer offered via Discord with both Python (Nuitka-packed) and C++ builds that harvest browser data, wallet and VPN credentials, Discord tokens, files, screenshots and system information before exfiltrating them to arkanix[.]pw. The C++ variant uses a Chrome process injection technique (âChrome Elevatorâ) to bypass App Bound Encryption and dump browser data, and operators advertise premium features and obfuscation via VMProtect. #Arkanix #ChromeElevator
This article describes how Sekoia TDR uses the Assemblyline analysis pipeline and its ConfigExtractor service (backed by MACO) to automate extraction of malware configuration data, demonstrated with a Kaiji IoT botnet sample. The workflow covers staged services, YARA-based detection, a Python extractor that decodes Base64-embedded configuration strings to retrieve C2:Port tuples, and ingestion of results into threat intelligence. #Kaiji #Assemblyline
A threat actor used the Evilginx adversary-in-the-middle (AITM) phishing framework to target student SSO portals at least 18 U.S. universities since April 2025, delivering personalized TinyURL emails that redirected victims to short-lived subdomain phishing URLs that proxied legitimate login flows and bypassed MFA. Passive DNS analysis and initial web server fingerprinting uncovered nearly 70 domains and multiple dedicated IPs that enabled tracking despite evasion measures like Cloudflare proxies and JavaScript obfuscation; #Evilginx #UniversityOfSanDiego
The CERT-AGID analysis examines how AI agents connected to real code and SDKs can execute commands, interact with files and operating systems, and inadvertently expose sensitive information if interfaces are not designed securely. It emphasizes that preventionâsecure integration, thorough code review, and robust toolingâis the only reliable way to keep AI actions under human control. #CERTAGID #GeminiSDK
CYFIRMA uncovered an APT36 campaign delivering a Python-based RAT to BOSS Linux systems via weaponized .desktop shortcut files inside a malicious archive that staged downloads from lionsdenim[.]xyz and 185[.]235[.]137[.]90. The campaign establishes persistence (systemd user services), supports remote command execution, file exfiltration, screenshots, and cross-platform control for sustained espionage. #APT36 #BOSS