Donuts and Beagles: Fake Claude site spreads backdoor

A fraudulent website impersonating Anthropic's Claude AI platform has been distributing a previously undocumented backdoor called Beagle through malvertising campaigns. The attack begins when victims download a fictitious tool named Claude-Pro Relay from claude-pro[.]com, delivered as a 505 MB ZIP archive. The infection chain utilizes DLL sideloading, exploiting a signed G DATA antivirus updater to load malicious code. The technique mirrors PlugX delivery methods but deploys different payloads. Beagle supports eight commands including shell execution, file transfer, and directory listing, communicating with C2 servers using AES encryption. Related samples dating to February 2026 have been identified, with some variants delivering AdaptixC2 framework. Additional domains impersonated security vendors like Trellix, CrowdStrike, and SentinelOne. The infrastructure spans Cloudflare for distribution and Alibaba Cloud for command and control.

Pulse ID: 69fcc63f1dce161fc2f8380c
Pulse Link: https://otx.alienvault.com/pulse/69fcc63f1dce161fc2f8380c
Pulse Author: AlienVault
Created: 2026-05-07 17:05:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Cloud #CrowdStrike #CyberSecurity #Encryption #InfoSec #Malvertising #OTX #OpenThreatExchange #PlugX #SentinelOne #SideLoading #Trellix #ZIP #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

“Say My Name”: How MioLab is building MacOS Stealer Empire

A look at some of the highlights from the week of cybersecurity news, as well as the company's latest partnership with Microsoft and SentinelOne, which aims to deliver AI-powered security operations and incident response support.

Pulse ID: 69f3426f663eb79b1e568192
Pulse Link: https://otx.alienvault.com/pulse/69f3426f663eb79b1e568192
Pulse Author: CyberHunter_NL
Created: 2026-04-30 11:52:15

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Mac #MacOS #Microsoft #OTX #OpenThreatExchange #RAT #SentinelOne #bot #CyberHunter_NL

Itamar Golan (@ItakGol)

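SentinelOne (@SentinelOne) has disclosed ‘fast16’, a 2005 sabotage framework from the period before Stuxnet. What sets this framework apart is that it was built not to exfiltrate data but to covertly manipulate high-precision calculations.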

https://x.com/ItakGol/status/2047578132174061576

#cybersecurity #research #framework #stuxnet #sentinelone

Itamar Golan 🤓 (@ItakGol) on X

Before Stuxnet, there was fast16. Our @SentinelOne uncovered a 2005-era sabotage framework designed not to steal data, but to silently manipulate high-precision engineering calculations. That is a different class of cyber operation. No loud explosion. No obvious ransom note.

X (formerly Twitter)

Itamar Golan (@ItakGol)

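The SentinelOne research team has discovered ‘fast16’, a 2005 sabotage framework that predates Stuxnet. Instead of stealing data, the tool was designed to covertly manipulate high-precision engineering calculations, and it shows a new type of cyber attack.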

https://x.com/ItakGol/status/2047579378184290607

#cybersecurity #research #framework #stuxnet #sentinelone

Itamar Golan 🤓 (@ItakGol) on X

🚨 BREAKING: Before Stuxnet, there was fast16. Our SentinelOne research team uncovered a 2005-era sabotage framework designed not to steal data, but to silently manipulate high-precision engineering calculations. That is a different class of cyber operation. No loud explosion.


Times of India | Anthropic's Mythos is an inflection point, the rules of cybersecurity will have to be rewritten

AI-generated summary. Read the full article for complete information.

Anthropic’s new AI model, Mythos, can automatically discover zero‑day vulnerabilities across operating systems and browsers at a speed far beyond human researchers, prompting a crisis in the cybersecurity community. Executives from TrendAI, SentinelOne, Palo Alto Networks, Commvault and other firms warn that traditional patch‑and‑fix cycles are now too slow, as the window between discovery and exploitation has shrunk from years to mere hours. They argue that security must become “AI‑native,” embedding autonomous, constantly learning agents that can prioritize, virtually patch, and respond to threats in real time, while also emphasizing the need for better vulnerability prioritization and quantum‑safe architectures. The upheaval also creates a surge in demand for cyber‑security talent fluent in AI, prompt‑injection attacks and agentic system design.

Read more: https://timesofindia.indiatimes.com/technology/times-techies/anthropics-mythos-is-an-inflection-point-the-rules-of-cybersecurity-will-have-to-be-rewritten/articleshow/130465413.cms

#Anthropic #SentinelOne #ShardaTickoo #DiwakarDayal

Anthropic's Mythos is an inflection point, the rules of cybersecurity will have to be rewritten - The Times of India

Times Techies News: The life of a cybersecurity executive has been upended by the arrival of a new class of artificial intelligence systems that can sift through vast swa.

The Times of India

SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code

SentinelOne AI stopped a LiteLLM supply chain attack in seconds, blocking malicious code automatically without human intervention.

Security Affairs

Valentine's Day, between romance and cyber scams: SentinelOne's warning: On Valentine's Day, while millions of people were celebrating the most romantic date of the year, cybercriminals seized new opportunities...
#SentinelOne #PaoloCecchi #cybersecurity #AI #intelligenzaartificiale http://dlvr.it/TRKNd2

SentinelOne, the AI-powered Singularity platform obtains ACN accreditation: SentinelOne recently announced that its AI-based Singularity platform has been certified in the Register of digital infrastructures and services...
#SentinelOne #PaoloCecchi #cybersecurity #ACN #sicurezzainformatica http://dlvr.it/TQscP8

SentinelOne: the new role of AI in redefining enterprise defense: With AI being adopted by a growing number of companies, cybersecurity leaders will have to manage a more complex reality....
#SentinelOne #PaoloCecchi #cybersecurity #minacceinformatiche #difesaaziendale http://dlvr.it/TQYl6H

Sentinel One: a better first line of cyber defense with the AI-based ITDR and zero trust approach: Cyber attacks on identities are evolving rapidly: they are no longer limited to credential theft, but target the entire infrastructure. Attackers compromise...
#SentinelOne #PaoloCecchi #autenticazioneapiùfattori #AIgenerativa #principizerotrust http://dlvr.it/TQRwsC