Threat Actor Group Uses Job Scams to Compromise Corporate Accounts

Recently uncovered intelligence reveals that a Vietnam-based threat actor
identified as UNC6229.

Pulse ID: 68fe5343c6b2efd199da48c1
Pulse Link: https://otx.alienvault.com/pulse/68fe5343c6b2efd199da48c1
Pulse Author: cryptocti
Created: 2025-10-26 16:58:43

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Vietnam #bot #cryptocti

Threat Actors Deploy NetSupport RAT Loaders Using ClickFix

Cybercriminals are using a technique known as ‘ClickFix’ to deploy the NetSupport remote administration tool (RAT) for malicious purposes.

Pulse ID: 68fe09111b5705ff69ffc5ff
Pulse Link: https://otx.alienvault.com/pulse/68fe09111b5705ff69ffc5ff
Pulse Author: cryptocti
Created: 2025-10-26 11:42:09

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #NetSupport #NetSupportRAT #OTX #OpenThreatExchange #RAT #bot #cryptocti

Threat Actors Deploy NetSupport RAT Loaders Using ClickFix

Cybercriminals are using a technique known as ‘ClickFix’ to deploy the
NetSupport remote administration tool (RAT) for malicious purposes.

Pulse ID: 68fe0ac402f642a31c4b750a
Pulse Link: https://otx.alienvault.com/pulse/68fe0ac402f642a31c4b750a
Pulse Author: cryptocti
Created: 2025-10-26 11:49:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #NetSupport #NetSupportRAT #OTX #OpenThreatExchange #RAT #bot #cryptocti

Caminho Malware Conceals Payloads Within Image Files

Sophisticated malware operation has emerged from Brazil which leverages
advanced steganographic techniques to hide malicious payloads within seemingly
harmless image files.

Pulse ID: 68fe0b464c16859b29c5a467
Pulse Link: https://otx.alienvault.com/pulse/68fe0b464c16859b29c5a467
Pulse Author: cryptocti
Created: 2025-10-26 11:51:34

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Brazil #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RAT #bot #cryptocti

Threat Actors Actively Exploiting Windows Server Update Services Vulnerability in Wild

Researchers have warned of active attacks targeting a severe Remote Code
Execution (RCE) flaw in Microsoft’s Windows Server Update Services
(WSUS). The vulnerability, identified as CVE-2025-59287, carries a CVSS score
of 9.8, categorizing it as Critical. Analysis of this vulnerability reveals that it
allows unauthenticated attackers to execute arbitrary code on unpatched servers.

Pulse ID: 68fdf8e91bea50167b55ee84
Pulse Link: https://otx.alienvault.com/pulse/68fdf8e91bea50167b55ee84
Pulse Author: cryptocti
Created: 2025-10-26 10:33:13

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Microsoft #OTX #OpenThreatExchange #RCE #Vulnerability #Windows #bot #cryptocti

Fake Nethereum Packages Found Stealing Ethereum Wallet Credentials

A highly targeted supply chain attack has been identified within the NuGet
package ecosystem which is aimed at cryptocurrency developers.

Pulse ID: 68fd0c3c58456ca94cec0ca0
Pulse Link: https://otx.alienvault.com/pulse/68fd0c3c58456ca94cec0ca0
Pulse Author: cryptocti
Created: 2025-10-25 17:43:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #NuGet #OTX #OpenThreatExchange #SupplyChain #bot #cryptocurrency #developers #cryptocti

Outdated WordPress Plugins Vulnerabilities has been Patched

Critical vulnerabilities has been identified on WordPress plugins GutenKit and Hunk Companion. This vulnerabilities allowing attackers to install malicious plugins and potentially gain remote code execution (RCE).

Pulse ID: 68fcb71ab6048c897f3db8c0
Pulse Link: https://otx.alienvault.com/pulse/68fcb71ab6048c897f3db8c0
Pulse Author: cryptocti
Created: 2025-10-25 11:40:10

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #OTX #OpenThreatExchange #RCE #RDP #RemoteCodeExecution #Word #Wordpress #bot #cryptocti

Agenda Ransomware Deploys Linux RAT on Windows Systems

Pulse ID: 68fcba0c7a843806144206e0
Pulse Link: https://otx.alienvault.com/pulse/68fcba0c7a843806144206e0
Pulse Author: cryptocti
Created: 2025-10-25 11:52:44

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Linux #OTX #OpenThreatExchange #RAT #RansomWare #Windows #bot #cryptocti

Jingle Thief Attackers Exploit Via Weaponized Gift Cards

Pulse ID: 68fc0df6085fcbf79fd8bb3b
Pulse Link: https://otx.alienvault.com/pulse/68fc0df6085fcbf79fd8bb3b
Pulse Author: cryptocti
Created: 2025-10-24 23:38:30

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #OTX #OpenThreatExchange #bot #cryptocti

Advance Phishing Operation by Iranian Threat actor MuddyWater

Iranian Threat actor MuddyWater has a phishing campaign targeting more than 100
government entities.

Pulse ID: 68fbed185292b064cc959eff
Pulse Link: https://otx.alienvault.com/pulse/68fbed185292b064cc959eff
Pulse Author: cryptocti
Created: 2025-10-24 21:18:16

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Government #InfoSec #Iran #MuddyWater #OTX #OpenThreatExchange #Phishing #RAT #bot #cryptocti