LNK > VBS > DLL side-loading > #SNOWLIGHT (#VShell Stager)
Fisher-Yates shuffling of shellcode with constant seed for rand()
C2: dns1.alidoh[.]com
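The shuffle named above, worked through as an added example that is not part of the original post or of the SNOWLIGHT sample: when Fisher-Yates is driven by a CRT rand() seeded with a constant, the swap sequence is fully reproducible, so an analyst who pulls the seed from the stager can replay the swaps and apply them in reverse to recover the shellcode. The MSVC LCG constants, the shape of the swap loop, the seed value 0x1337, the sample bytes and the prologue heuristic are all assumptions made for illustration, not values taken from the sample.

```python
"""Undo a Fisher-Yates shuffle of shellcode whose rand() was seeded with a constant."""
from __future__ import annotations
from typing import Iterable, Optional

# Assumption: the stager seeds the MSVC CRT rand(), an LCG with
#   state = state * 214013 + 2531011 ; rand() = (state >> 16) & 0x7FFF
# The real seed used by the sample is not on the page; 0x1337 is a placeholder.
SEED = 0x1337

# Constructed sample "shellcode": a generic x64 prologue (cld; and rsp,-16; call ...)
# followed by a few register pushes. It stands in for the real stager payload.
SAMPLE = bytes.fromhex("fc4883e4f0e8c0000000415141505251564831d2")
PROLOGUE = bytes.fromhex("fc4883e4")


class MsvcRand:
    """Minimal MSVC-compatible rand() so the swap stream is reproducible on any host."""

    def __init__(self, seed: int) -> None:
        self.state = seed & 0xFFFFFFFF

    def rand(self) -> int:
        self.state = (self.state * 214013 + 2531011) & 0xFFFFFFFF
        return (self.state >> 16) & 0x7FFF


def swap_sequence(n: int, seed: int) -> list[tuple[int, int]]:
    """Replay the Durstenfeld form of Fisher-Yates (i from n-1 down to 1,
    j = rand() % (i + 1)) and return every (i, j) pair in the order the stager
    would have applied them. Assumption: the sample uses this loop shape."""
    rng = MsvcRand(seed)
    return [(i, rng.rand() % (i + 1)) for i in range(n - 1, 0, -1)]


def shuffle(data: bytes, seed: int) -> bytes:
    """The build-time side: permute the payload with the constant seed."""
    buf = bytearray(data)
    for i, j in swap_sequence(len(buf), seed):
        buf[i], buf[j] = buf[j], buf[i]
    return bytes(buf)


def unshuffle(data: bytes, seed: int) -> bytes:
    """The analyst side: regenerate the same swaps and apply them in reverse.
    Each swap is its own inverse, so reversing the order restores the input."""
    buf = bytearray(data)
    for i, j in reversed(swap_sequence(len(buf), seed)):
        buf[i], buf[j] = buf[j], buf[i]
    return bytes(buf)


def find_seed(data: bytes, candidates: Iterable[int], prefix: bytes) -> Optional[int]:
    """If the seed was not pulled from the binary, try candidates and keep the first
    one whose unshuffled output starts with a known shellcode prologue."""
    for seed in candidates:
        if unshuffle(data, seed).startswith(prefix):
            return seed
    return None


if __name__ == "__main__":
    scrambled = shuffle(SAMPLE, SEED)
    assert unshuffle(scrambled, SEED) == SAMPLE
    print("seed guess:", hex(find_seed(scrambled, range(0x2000), PROLOGUE)))
```

If the stager iterates forward (i from 0 upward) or draws j over the full length instead of i + 1, only swap_sequence needs to change; the reverse-replay in unshuffle stays the same. The seed-search helper is a fallback for when the constant is obfuscated; a short prefix will produce false positives over a large candidate range, so check the full decoded buffer before trusting it.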
On April 1, 2026, a zip archive named CV - Vu PLPC So2156516.zip was uploaded to VirusTotal from Vietnam. This archive contains a Microsoft Compiled HTML (CHM) file named Word Document - CV - Vu PLPC KT nam 2026.chm. CHM files have historically been used by a plethora of threat actors. In my personal experience, I have seen CHM files trojanized primarily in state-sponsored/targeted activity rather than opportunistic cybercrime. That is only a personal observation, not substantiated by any serious data analysis.
Notes on an interesting low-detection Linux and macOS #backdoor shared by @malwrhunterteam (likely DPRK backdoor 🇰🇵)
🐞ELF: f26711b081192e5e0deb4dc25f68d6a2
📡Domains: mefng.giize[.]com, drawpin.accesscam[.]org, chopaw.camdvr[.]org
Cloudflare just published a vibe-coded blog post claiming they implemented Matrix on Cloudflare Workers. They didn't: their post and README are AI-generated, and the code doesn't do any of the core parts of Matrix that make it secure and interoperable. Instead it's littered with "TODO: Check authorisation" and similar.
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
I have created a website where you can share your sample analysis (via links or posts) and search for samples to train on, filtered by tags and difficulty.
If you write analysis blogs, you can share them there.
https://samplepedia.cc
Phrack turns 40.
The digital drop is live.
Download it. Archive it. Pass it on.
💾 https://www.phrack.org
Help request. My brother has Stage 4 colorectal cancer.
His life insurance has refused to pay out on a technicality, meaning he and his loved ones cannot afford the mortgage on their home.
I've never asked for anything in return for infosec stuff, but if you have anything spare, please chuck it this direction instead: