APT36 is leveraging AI-assisted coding tools to mass-produce malware implants targeting India.

Polyglot binaries (Nim, Zig, Crystal, Rust) + trusted services like Slack & Google Sheets for C2.

Researchers call it Distributed Denial of Detection.

Source: https://thehackernews.com/2026/03/transparent-tribe-uses-ai-to-mass.html

Follow us for more threat intelligence updates.

#Infosec #APT36 #ThreatIntel #Malware #CyberSecurity

📢⚠️#Pakistan-linked APT36 is flooding Indian government networks with AI-generated “#Vibeware”, disposable malware built with AI. The campaign abuses trusted platforms like Google Sheets, Slack, and Discord for C&C.

Read: https://hackread.com/pakistan-apt36-indian-govt-networks-ai-vibeware/

#CyberSecurity #APT36 #TransparentTribe #Malware #AI #CyberAttack

Pakistan-Linked APT36 Floods Indian Govt Networks With AI-Made ‘Vibeware’

Bitdefender research reveals Pakistani group APT36 is using AI-generated vibeware and trusted cloud services like Google Sheets to target Indian officials.

APT36 : Multi-Stage LNK Malware Campaign Targeting Indian Government Entities
#APT36
https://www.cyfirma.com/research/apt36-multi-stage-lnk-malware-campaign-targeting-indian-government-entities/

EXECUTIVE SUMMARY CYFIRMA has identified a targeted malware campaign attributed to APT36 (Transparent Tribe), a Pakistan-aligned threat actor actively...


Assisi [ca. 1920]
1 print (poster) : lithograph, color ; 98 x 67 cm. | Poster showing Assisi and the countryside as if from a window in a tower.

#Assisi #Italy #Umbria #Italian #ASSISI #APT36 #Umbrian #travelposters #lithographs #italian #assisi(italy) #color #photography #LibraryOfCongress

https://www.loc.gov/pictures/item/2004675365/

🛡️ APT36 DeskRAT Malware Campaign Against Indian Government
Pakistan-linked APT36 is targeting Indian government systems via Golang-based DeskRAT malware, delivered through spear-phishing emails and malicious ZIP/Desktop attachments. Linux BOSS and Windows systems are compromised, enabling remote access and exfiltration.
💬 How should public sector entities defend against state-sponsored malware campaigns? Share your insights below.

Follow TechNadu for verified cybersecurity news and threat intelligence updates.

#CyberSecurity #APT36 #DeskRAT #Malware #StateSponsoredAttack #InfoSec #ThreatIntel #India #TechNadu #GolangMalware

📢 TransparentTribe (APT36) deploys a new Golang RAT, DeskRAT, targeting BOSS Linux via booby-trapped .desktop files
📝 According to SEKOIA (blog.sekoia.io), TransparentTribe (APT36), a...
📖 cyberveille : https://cyberveille.ch/posts/2025-10-23-transparenttribe-apt36-deploie-un-nouveau-rat-golang-deskrat-ciblant-boss-linux-via-fichiers-desktop-pieges/
🌐 source : https://blog.sekoia.io/transparenttribe-targets-indian-military-organisations-with-deskrat/
#APT36 #BOSS_Linux #Cyberveille

According to SEKOIA (blog.sekoia.io), TransparentTribe (APT36), a Pakistan-linked actor, has evolved its espionage campaign targeting Indian government and defence organisations by introducing DeskRAT, a new Golang Linux RAT delivered via malicious .desktop files and operated through a WebSocket C2 infrastructure.

🎯 Targeting and lures
An espionage campaign aimed at Indian government and defence entities, with lures exploiting regional tensions in Ladakh. A shift from hosting on Google Drive to dedicated staging servers for payload distribution.

🛠️ Infection chain and delivery

Discover how #TransparentTribe (#APT36) uses a disguised DESKTOP dropper to deploy #DeskRAT, a Golang RAT, on BOSS Linux endpoints in India.

Our Sekoia #TDR report breaks down the full infection chain and stealthy WebSocket C2 communications .

Read more 👉 https://blog.sekoia.io/transparenttribe-targets-indian-military-organisations-with-deskrat/

📢 StealthServer: a cross-platform Go backdoor attributed to APT36 targets Windows and Linux
📝 According to a technical blog post from QiAnXin's XLab (reference provided), researchers have identified StealthServer, a sophisticated backdoor targeting both...
📖 cyberveille : https://cyberveille.ch/posts/2025-10-16-stealthserver-un-backdoor-go-multiplateforme-attribue-a-apt36-cible-windows-et-linux/
🌐 source : https://blog.xlab.qianxin.com/apt-stealthserver-en/
#APT36 #IOC #Cyberveille
According to a technical blog post from QiAnXin's XLab (reference provided), researchers have identified StealthServer, a sophisticated backdoor targeting both Windows and Linux, attributed to the APT36 group. Distribution relies on social engineering with political and military-themed lures, delivering payloads disguised as PDF documents. The malware provides file exfiltration and remote command execution capabilities while employing extensive anti-analysis techniques, notably junk code injection and traffic obfuscation. Several variants indicate active development, with a transition of communications from TCP to WebSocket.

📢 APT36 targets India: phishing via .desktop files on Linux to deploy MeshAgent
📝 According to Nextron Systems, a sophisticated campaign attributed to APT36, reminiscent of Operation Sindoor tactics, is targeting organi...
📖 cyberveille : https://cyberveille.ch/posts/2025-08-31-apt36-cible-linde-phishing-via-fichiers-desktop-sur-linux-pour-deployer-meshagent/
🌐 source : https://www.nextron-systems.com/2025/08/29/sindoor-dropper-new-phishing-campaign/
#APT36 #IOC #Cyberveille

In the lead-up to #APNIC60, where Chief Technical Officer Leslie Daigle will give a keynote address, we’re publishing a series of articles that address regionally meaningful threats beyond the well-documented Chinese-origin attacks. Each case offers a different lens on the threat landscape—ranging from geopolitical motivations to financial disruption and targeted espionage. Our goal is to provide context, elevate regional perspectives, and set the stage for deeper discussion during the keynote.

This is the first in that series, covering #APT36, a believed Pakistani state-aligned group that systematically exploits Internet service provider networks to launch cyber operations against Indian targets.

Between April and August 2025, AIDE captured 116,374 incidents on Indian sensors across 75 Autonomous System Numbers (ASNs) based in Pakistan.

The findings show how APT36 abused ISP infrastructure, deployed multi-architecture malware, and exploited routing security gaps at scale.

Read all about what we found, and stay tuned for the next installment.

https://globalcyberalliance.org/aide-data-apt36/

#threatintelligence #threatintel #cybersecurity #AIDE #research #malware #routingsecurity

AIDE Data on APT36: Regional Infrastructure Risks and Security Gaps - GCA | Global Cyber Alliance | Working to Eradicate Cyber Risk

Exploring APT36 (Transparent Tribe), a believed Pakistani state-aligned group launching cyber operations against Indian targets.