Threat Landscape

Discussion List

• Shai-Hulud 3.0: New Malware Signals Evolving Supply Chain Threats

  24 views 4 comments 0 points Most recent by Du'aine Davis May 22Daily Threat Briefing
• WantToCry uses exposed SMB services for file exfiltration and remote encryption

  4 views 0 comments 0 points Started by Du'aine Davis May 21 Daily Threat Briefing
• Compromised VS Code extension leads to exposure of ~3,800 GitHub repos

  11 views 0 comments 0 points Started by Du'aine Davis May 20 Daily Threat Briefing
• Malicious Tag Rewrites in GitHub Actions Enable Secret Harvesting

  13 views 0 comments 0 points Started by Du'aine Davis May 19 Daily Threat Briefing
• UnDefend Proof-of-Concept Targets Windows Defender Update Availability

  35 views 2 comments 0 points Most recent by Du'aine Davis May 18Daily Threat Briefing
• Phishers Weaponise “Safe Links” Using Multi‑Layered URL Rewriting

  10 views 1 comment 0 points Most recent by Du'aine Davis May 18Daily Threat Briefing
• BreachForums and TeamPCP Promote “Shai Hulud” Supply Chain Attack Competition

  10 views 0 comments 0 points Started by Du'aine Davis May 15 Daily Threat Briefing
• Threat Actors Adopt NATS Messaging Infrastructure for Covert C2

  4 views 0 comments 0 points Started by Du'aine Davis May 15 Daily Threat Briefing
• The Gentlemen RaaS Leak Highlights Infostealer‑Driven Ransomware Operations

  6 views 0 comments 0 points Started by Du'aine Davis May 14 Daily Threat Briefing
• CrashFix: The Next Evolution of ClickFix Browser Extension Tradecraft

  5 views 1 comment 0 points Most recent by Du'aine Davis May 13Daily Threat Briefing
• GhostLock Enables Ransomware-Style File Lockout Without Encryption

  6 views 0 comments 0 points Started by Du'aine Davis May 12 Daily Threat Briefing
• PCPJack Cloud Worm Steals Credentials and Removes TeamPCP Artefact

  5 views 0 comments 0 points Started by Du'aine Davis May 8 Daily Threat Briefing
• CloudZ RAT Targets OTPs via Windows Phone Link Integration

  4 views 0 comments 0 points Started by Du'aine Davis May 7 Daily Threat Briefing
• DigiCert Code Signing Misissuance Leads to Defender False Positives on Root Certificates

  7 views 0 comments 0 points Started by Du'aine Davis May 6 Daily Threat Briefing
• Multi stage Compliance themed Phishing Enables Account Compromise

  11 views 0 comments 0 points Started by Du'aine Davis May 5 Daily Threat Briefing
• Microsoft Teams Abuse Enables Delivery of Custom UNC6692 Malware

  13 views 0 comments 0 points Started by Du'aine Davis April 24 Daily Threat Briefing
• Threat Actors Use Hidden VMs to Evade Defences and Deliver Ransomware

  4 views 0 comments 0 points Started by Du'aine Davis April 20 Daily Threat Briefing
• RedSun Proof‑of‑Concept Abuses Microsoft Defender File Handling Behaviour

  12 views 0 comments 0 points Started by Du'aine Davis April 17 Daily Threat Briefing
• Social Engineering via Obsidian Leads to Stealthy PHANTOMPULSE RAT

  11 views 0 comments 0 points Started by Du'aine Davis April 17 Daily Threat Briefing
• Trusted Google Drive Lures Used to Stealthily Deploy Remcos RAT

  1 view 0 comments 0 points Started by Du'aine Davis April 16 Daily Threat Briefing
• Abuse of n8n automation platforms in large-scale phishing campaigns

  1 view 0 comments 0 points Started by Du'aine Davis April 16 Daily Threat Briefing
• Malicious VS Code Extension Shows GlassWorm Tradecraft Overlap

  43 views 4 comments 1 point Most recent by Du'aine Davis April 13Daily Threat Briefing
• Adobe Reader zero day exploit discovered active since late 2025

  12 views 1 comment 0 points Most recent by Du'aine Davis April 13Daily Threat Briefing
• New PhaaS campaign observed targeting executives with text-based QR codes

  1 view 0 comments 0 points Started by Rafi Mahmood April 10 Daily Threat Briefing
• Windows zero day PoC released by security researcher

  1 view 0 comments 0 points Started by Rafi Mahmood April 9 Daily Threat Briefing
• Chaos malware observed expanding to target misconfigured cloud deployments

  1 view 0 comments 0 points Started by Rafi Mahmood April 9 Daily Threat Briefing
• Social engineering campaign leveraging BPOs and support employees

  1 view 0 comments 1 point Started by Rafi Mahmood April 9 Daily Threat Briefing
• Russian-aligned threat actor abusing SOHO routers for DNS hijacking

  1 view 0 comments 1 point Started by Rafi Mahmood April 8 Daily Threat Briefing
• WhatsApp delivered VBS malware deploys unsigned MSI backdoors

  1 view 0 comments 1 point Started by Du'aine Davis April 1 Daily Threat Briefing
• Ransomware Abuses Legitimate Admin Tools to Disable Antivirus

  1 view 0 comments 1 point Started by Du'aine Davis April 1 Daily Threat Briefing