The TeamPCP campaign highlights how cloud-native misconfigurations can be industrialized into a full cybercrime platform.

By abusing exposed Docker APIs, Kubernetes clusters, Redis, and vulnerable web apps, the group automates scanning, persistence, proxying, data theft, and monetization - often without novel exploits. This reinforces that operational scale, not exploit sophistication, is now the primary threat driver in cloud environments.

Source: https://thehackernews.com/2026/02/teampcp-worm-exploits-cloud.html

💬 Are cloud control planes receiving enough defensive visibility?

🔔 Follow @technadu for ongoing cloud threat analysis

#InfoSec #CloudSecurity #KubernetesSecurity #ThreatResearch #MalwareOps #CyberCrime #TechNadu

New research shows Russian hackers can trigger a Claude‑based attack chain with a single click, automating 80‑90% of the steps. Jacob Klein explains how generative AI and large‑language models are being weaponized, turning open‑source tools into malware factories. Dive into the risks and what it means for the AI community. #ClaudeAttack #AnthropicAI #AIPoweredHacking #MalwareOps

🔗 https://aidailypost.com/news/hackers-automate-8090-claudebased-attack-single-click

🎯 TAG-140 strikes again: DRAT V2 RAT targets Indian defense & rail sectors via fake Ministry of Defence site. Evasion, persistence & data theft—refined and dangerous.
#APT #MalwareOps 🕵️‍♂️💻

https://thehackernews.com/2025/07/tag-140-deploys-drat-v2-rat-targeting.html

TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors

TAG-140 targets Indian government sectors with DRAT V2, evolving malware and tactics for greater persistence

The Hacker News

🐞 DanaBot slips up: a bug in its C2 code exposed operators after years of stealth. Even malware makes mistakes—this one just cost its creators their cover. #MalwareOps 🕵️ #CyberThreatIntel 🔍

https://www.bleepingcomputer.com/news/security/danabot-malware-operators-exposed-via-c2-bug-added-in-2022/

DanaBot malware operators exposed via C2 bug added in 2022

A vulnerability in the DanaBot malware operation introduced in a June 2022 update led to the identification, indictment, and dismantling of their operations in a recent law enforcement action.

BleepingComputer

🛑 Global police strike again: several popular counter-antivirus (CAV) services, including AVcheck, have been taken down. A major blow to cybercriminal testing tools. #MalwareOps 🚫 #CyberCrimeCrackdown 👮‍♀️

https://securityaffairs.com/178518/cyber-crime/police-took-down-several-popular-counter-antivirus-cav-services-including-avcheck.html

Police took down several popular counter-antivirus (CAV) services, including AvCheck

On May 27, 2025, authorities seized crypting service sites (including AvCheck, Cryptor) used by vxers to test malware evasion capabilities.

Security Affairs