Advanced Fileless Remcos RAT Abusing Native Windows Tools

Pulse ID: 69d2ba26efd7dcef6be56abc
Pulse Link: https://otx.alienvault.com/pulse/69d2ba26efd7dcef6be56abc
Pulse Author: cryptocti
Created: 2026-04-05 19:38:14

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Remcos #RemcosRAT #Windows #bot #cryptocti

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Kimsuky Deploys Weaponized LNK Files to Install Python-Based Backdoor

Pulse ID: 69d2baa573c8faf15f08f4d4
Pulse Link: https://otx.alienvault.com/pulse/69d2baa573c8faf15f08f4d4
Pulse Author: cryptocti
Created: 2026-04-05 19:40:21

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #CyberSecurity #InfoSec #Kimsuky #LNK #OTX #OpenThreatExchange #Python #UK #bot #cryptocti


Claude Code Leak Exploited to Spread Vidar and GhostSocks Malware

A massive source code leak of Anthropic’s Claude Code has been exploited to spread Vidar and GhostSocks malware through fake GitHub repositories.

Pulse ID: 69d113c05689fa926385fe59
Pulse Link: https://otx.alienvault.com/pulse/69d113c05689fa926385fe59
Pulse Author: cryptocti
Created: 2026-04-04 13:36:00

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #GitHub #InfoSec #Malware #OTX #OpenThreatExchange #RCE #Vidar #bot #cryptocti


Phorpiex Botnet Exploited for Ransomware, Sextortion Emails and Crypto Malware

The Phorpiex botnet is a long-running cybercrime platform that spreads ransomware, sextortion campaigns and cryptocurrency-stealing malware.

Pulse ID: 69d114b70ef871be66e8bf63
Pulse Link: https://otx.alienvault.com/pulse/69d114b70ef871be66e8bf63
Pulse Author: cryptocti
Created: 2026-04-04 13:40:07

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberCrime #CyberSecurity #Email #Extortion #InfoSec #Malware #OTX #OpenThreatExchange #Phorpiex #RansomWare #bot #botnet #cryptocurrency #cryptocti


TA416 Group Targets Government and Diplomatic Networks

Attackers are targeting government and diplomatic organizations in Europe and the Middle East using phishing emails, web bugs and trusted cloud services. This campaign delivers malware through evolving techniques to gain persistent access, conduct reconnaissance and collect sensitive geopolitical intelligence.

Pulse ID: 69d060baa68b2ed82d1d5c73
Pulse Link: https://otx.alienvault.com/pulse/69d060baa68b2ed82d1d5c73
Pulse Author: cryptocti
Created: 2026-04-04 00:52:10

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CyberSecurity #Email #Europe #Government #InfoSec #Malware #MiddleEast #OTX #OpenThreatExchange #Phishing #Rust #bot #cryptocti


Threat Actors Using LNK Files and GitHub for Stealthy C2 Operations

Attackers launch phishing campaigns using malicious LNK files disguised as PDFs to deliver hidden PowerShell scripts.

Pulse ID: 69d0235ccaea90f7a7036123
Pulse Link: https://otx.alienvault.com/pulse/69d0235ccaea90f7a7036123
Pulse Author: cryptocti
Created: 2026-04-03 20:30:20

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #GitHub #InfoSec #LNK #OTX #OpenThreatExchange #PDF #Phishing #PowerShell #RAT #bot #cryptocti


Active Exploitation of TrueConf Zero Day Targets Southeast Asian Government Systems

Targeted attacks against government entities in Southeast Asia used legitimate TrueConf software, exploiting a zero-day vulnerability in the updater validation mechanism.

Pulse ID: 69cd6f252e8a1dee8c82a30e
Pulse Link: https://otx.alienvault.com/pulse/69cd6f252e8a1dee8c82a30e
Pulse Author: cryptocti
Created: 2026-04-01 19:16:53

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Asia #CyberSecurity #Government #InfoSec #OTX #OpenThreatExchange #Vulnerability #bot #cryptocti


Axios NPM Package Weaponized in Supply Chain Attack

Pulse ID: 69cc37cded784044389404e0
Pulse Link: https://otx.alienvault.com/pulse/69cc37cded784044389404e0
Pulse Author: cryptocti
Created: 2026-03-31 21:08:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #NPM #OTX #OpenThreatExchange #SupplyChain #bot #iOS #cryptocti


Phishing Campaign Impersonates Sri Lanka Postal Service

Pulse ID: 69cc08a81d459af327385a6f
Pulse Link: https://otx.alienvault.com/pulse/69cc08a81d459af327385a6f
Pulse Author: cryptocti
Created: 2026-03-31 17:47:20

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #OTX #OpenThreatExchange #Phishing #bot #cryptocti


ClickFix Variant Exploiting Rundll32 and WebDAV for Evasion

A new ClickFix variant abuses rundll32.exe and WebDAV to execute malicious DLLs while evading detection. It uses fake CAPTCHA pages to trick users into running commands, then operates filelessly and injects into legitimate processes for stealth.

Pulse ID: 69cae9f67d974aa2e5a39c86
Pulse Link: https://otx.alienvault.com/pulse/69cae9f67d974aa2e5a39c86
Pulse Author: cryptocti
Created: 2026-03-30 21:24:06

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CAPTCHA #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #SSL #bot #cryptocti
