Phishing Campaign Uses Maduro Arrest Story to Deliver Backdoor Malware

This threat campaign uses phishing emails related to the reported arrest of Venezuelan President Nicolás Maduro to spread malware. Attackers send emails with a ZIP attachment that looks like news content.

Pulse ID: 69623f17d7278decd8416e6a
Pulse Link: https://otx.alienvault.com/pulse/69623f17d7278decd8416e6a
Pulse Author: cryptocti
Created: 2026-01-10 11:59:19

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #CyberSecurity #Email #InfoSec #Malware #OTX #OpenThreatExchange #Phishing #ZIP #bot #cryptocti

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

CNCERT: Risk Warning Regarding the "Black Cat" Gang's Use of Search Engines to Spread Counterfeit Notepad++ Download Remote Control Backdoors

CNCERT and Microstep Online jointly detected a cyberattack campaign launched by the "Black Cat" criminal gang. The gang uses search engine optimization (SEO) techniques to push meticulously crafted phishing websites to the top of search engine keyword results. Users who visit these high-ranking phishing pages are lured by carefully designed download pages into downloading software installation packages bundled with malicious programs. Once installed, the program implants a backdoor Trojan without the user's knowledge, allowing attackers to steal sensitive data from the host computer.

Pulse ID: 6960d767ed2466fdb23d97e5
Pulse Link: https://otx.alienvault.com/pulse/6960d767ed2466fdb23d97e5
Pulse Author: AlienVault
Created: 2026-01-09 10:24:39

#BackDoor #CyberAttack #CyberSecurity #Edge #InfoSec #Notepad #OTX #OpenThreatExchange #Phishing #RAT #Trojan #Word #bot #AlienVault

DeedRAT: Unpacking a Modern Backdoor's Playbook

Pulse ID: 695f7bc52fe049df9fc8401b
Pulse Link: https://otx.alienvault.com/pulse/695f7bc52fe049df9fc8401b
Pulse Author: Tr1sa111
Created: 2026-01-08 09:41:25

#BackDoor #CyberSecurity #DRat #EDR #InfoSec #OTX #OpenThreatExchange #RAT #bot #Tr1sa111

DeedRAT: Unpacking a Modern Backdoor's Playbook

Pulse ID: 695f7bd8cf25f0327748397e
Pulse Link: https://otx.alienvault.com/pulse/695f7bd8cf25f0327748397e
Pulse Author: Tr1sa111
Created: 2026-01-08 09:41:44

#BackDoor #CyberSecurity #DRat #EDR #InfoSec #OTX #OpenThreatExchange #RAT #bot #Tr1sa111

FIN7 Threat Actors Using Windows SSH Backdoor to Establish Stealthy Remote Access

FIN7, also called Savage Ladybug, is still a major threat to enterprise environments. The group has been improving a Windows SSH backdoor campaign.

Pulse ID: 695d6cf373e395066cf9873a
Pulse Link: https://otx.alienvault.com/pulse/695d6cf373e395066cf9873a
Pulse Author: cryptocti
Created: 2026-01-06 20:13:39

#BackDoor #CyberSecurity #FIN7 #InfoSec #OTX #OpenThreatExchange #SSH #Windows #bot #cryptocti

New .NET CAPI Backdoor Targets Auto and E-Commerce Firms

The automobile and e-commerce sectors are being targeted by a new .NET malware, CAPI Backdoor.

Pulse ID: 695d60e937d8b798586a443b
Pulse Link: https://otx.alienvault.com/pulse/695d60e937d8b798586a443b
Pulse Author: cryptocti
Created: 2026-01-06 19:22:17

#BackDoor #CyberSecurity #InfoSec #Malware #NET #OTX #OpenThreatExchange #RCE #bot #cryptocti

HoneyMyte Campaign Weaponizes Rootkits to Hijack Asian Governments

HoneyMyte compromises government systems in Southeast and East Asia by deploying rare kernel-mode rootkits. The rootkit lets the threat actor deploy a backdoor named "ToneShell" without being detected, enabling long-term cyber-espionage against government organizations.

Pulse ID: 695ba557138e5247521b0042
Pulse Link: https://otx.alienvault.com/pulse/695ba557138e5247521b0042
Pulse Author: cryptocti
Created: 2026-01-05 11:49:43

#Asia #BackDoor #CyberSecurity #Espionage #Government #InfoSec #OTX #OpenThreatExchange #Rootkit #bot #cyberespionage #cryptocti

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers have uncovered a new China-aligned APT group named LongNosedGoblin targeting governmental entities in Southeast Asia and Japan for cyberespionage. The group employs a varied custom toolset of C#/.NET applications and abuses Group Policy for lateral movement. Key tools include NosyHistorian for collecting browser history, NosyDoor backdoor using cloud services as C&C, and NosyStealer for exfiltrating browser data. The attackers also utilize techniques like AppDomainManager injection and AMSI bypassing. LongNosedGoblin has been active since at least September 2023, showing ongoing campaigns throughout 2024 and 2025. The research provides detailed analysis of the group's malware and tactics, including potential sharing of the NosyDoor backdoor among multiple China-aligned actors.

Pulse ID: 6958f815aa5cbfe2f0a8d82d
Pulse Link: https://otx.alienvault.com/pulse/6958f815aa5cbfe2f0a8d82d
Pulse Author: AlienVault
Created: 2026-01-03 11:05:57

#Asia #BackDoor #Browser #CandC #China #Cloud #CyberSecurity #Cyberespionage #ESET #Espionage #Government #ICS #InfoSec #Japan #Malware #NET #OTX #OpenThreatExchange #RAT #bot #AlienVault

MuddyWater: Snakes by the riverbank

MuddyWater, an Iran-aligned cyberespionage group, has been targeting critical infrastructure in Israel and Egypt with custom malware and improved tactics. The campaign uses previously undocumented tools like the Fooder loader and MuddyViper backdoor to enhance defense evasion and persistence. Fooder masquerades as a Snake game and uses game-inspired techniques to hinder analysis. MuddyViper enables system information collection, file manipulation, and credential theft. The group also employs browser-data stealers and reverse tunneling tools. This campaign demonstrates MuddyWater's evolution towards more sophisticated and refined approaches, though traces of operational immaturity remain. The group continues to pose a significant threat, particularly to government, military, telecommunications, and critical infrastructure sectors in the Middle East.

Pulse ID: 6958f81623f8ea731f649bfb
Pulse Link: https://otx.alienvault.com/pulse/6958f81623f8ea731f649bfb
Pulse Author: AlienVault
Created: 2026-01-03 11:05:58

#BackDoor #Bank #Browser #CyberSecurity #Cyberespionage #Espionage #Government #ICS #InfoSec #Iran #Israel #Malware #MiddleEast #Military #MuddyWater #OTX #OpenThreatExchange #RAT #Telecom #Telecommunication #bot #AlienVault