Durable Workflows in the Microsoft Agent Framework
https://devblogs.microsoft.com/dotnet/durable-workflows-in-microsoft-agent-framework/

#microsoft #NET #AI #Azure #agents #Azure_Functions #Durable_Task #Microsoft_Agent_Framework #workflows

*~*Rewards-in-heaven!*~*

*~*Dear Beloved Friends Across the World!👉

*~*Preach the Word!*~*

*~*Henceforth there is laid up for me the crown of righteousness!*which the Lord!*the righteous judge!*will award to me on that day!*& not only to me but also to all who have loved his appearing!*~*

(2 Timothy 4:8)💌{Apostle Paul}

#Rewards #in #heaven #Preach #the #Word #Be #Bold #and #Courageous #Boost #Each #Other #Up #For #GOD #Christ #Jesus #Holy #Spirit #Love #Others #Net #Work #To #The #World

Pattern matching in C#: scenari avanzati che probabilmente non conosci

https://spcnet.it/pattern-matching-in-c-scenari-avanzati-che-probabilmente-non-conosci/

⚡️ Why you should disable HTTP cache in the API

🏷️ #devdigest #dotnet #net

https://devdigest.today/goto/6419

UAT-8302 and its box full of malware

UAT-8302 is a sophisticated China-nexus advanced persistent threat group targeting government entities in South America since late 2024 and southeastern Europe in 2025. The actor deploys multiple custom-made malware families including NetDraft, a .NET-based backdoor variant of FinalDraft/SquidDoor, and CloudSorcerer version 3. Post-compromise activities involve extensive reconnaissance, credential extraction, information collection from Active Directory, and network proliferation using tools like Impacket. The group establishes persistence through scheduled tasks and deploys additional malware including VSHELL, SNAPPYBEE/DeedRAT, and ZingDoor. UAT-8302 demonstrates connections to several China-nexus threat clusters through shared tooling, including Draculoader and SNOWLIGHT stager. The actor uses legitimate services like MS Graph and OneDrive for command-and-control infrastructure and establishes backdoor access through proxy servers using tools written in Simplified Chinese.

Pulse ID: 69f9f99c0dc1060430bf089e
Pulse Link: https://otx.alienvault.com/pulse/69f9f99c0dc1060430bf089e
Pulse Author: AlienVault
Created: 2026-05-05 14:07:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #China #Chinese #Cloud #CyberSecurity #DRat #EDR #EasternEurope #Europe #Government #InfoSec #Malware #NET #OTX #OpenThreatExchange #Proxy #RAT #RCE #SouthAmerica #bot #AlienVault

CloudZ RAT potentially steals OTP messages using Pheno plugin

Cisco Talos uncovered an intrusion active since January 2026 where attackers deployed CloudZ remote access tool and an undocumented plugin called Pheno to steal credentials and one-time passwords. The attack exploits Microsoft Phone Link application by intercepting synchronized mobile data including SMS and OTPs without requiring phone-level infection. CloudZ evades detection through dynamic memory execution and anti-analysis checks. The infection chain begins with a fake ScreenConnect update executable, leading to a Rust-compiled dropper that deploys a .NET loader, ultimately establishing the modular CloudZ RAT. The Pheno plugin monitors Phone Link processes and intercepts SQLite database files containing synchronized phone data. CloudZ employs ConfuserEx obfuscation, multiple configuration layers, and facilitates various commands including browser data exfiltration, shell execution, and plugin management while maintaining persistence through scheduled tasks.

Pulse ID: 69f9f99cd352da334850ef13
Pulse Link: https://otx.alienvault.com/pulse/69f9f99cd352da334850ef13
Pulse Author: AlienVault
Created: 2026-05-05 14:07:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #Cisco #Cloud #CyberSecurity #InfoSec #Microsoft #NET #OTX #OpenThreatExchange #Password #Passwords #RAT #RCE #Rust #SMS #SQL #ScreenConnect #Talos #Word #bot #AlienVault