Cyble uncovers a campaign linked to the APT group DONOT, targeting Pakistan's manufacturing industry supporting maritime and defense sectors. cyble.com/blog/donots-at… #APT #Cyberattack #DONOT #Cyberspionage #CRIL #ThreatIntel

Cyble analyzes an ongoing campaign targeting business professionals across the United States, utilizing the Ursnif banking Trojan to steal sensitive information. cyble.com/blog/ursnif-tr… #Banking #Trojan #Ursnif #Shellcode #Mshta #CertUti

Cyble analyzes a malicious campaign targeting the manufacturing industry, using process injections to deliver Lumma Stealer and Amadey bot. cyble.com/blog/threat-ac… #manufacturing #ProcessInjection #LummaStealer #AmadeyBot #CRIL

Cyble analyzes the intensification of the ongoing Head Mare campaign against Russia, with deceptive ZIP archives being used to deploy the PhantomCore Backdoor. cyble.com/blog/head-mare… #Hacktivism #Malware #Backdoor #SocialEngineering #CRIL #ThreatIntel

Cyble analyzes the role of Hacktivist collectives in the recent political instability in France, despite their different motivations and ideologies. cyble.com/blog/hacktivis… #Hacktivism #Assad #HolyLeague #PeoplesCyberArmy #CRIL #ThreatIntel #Anonymous

Cyble investigates a rising trend where threat actors leverage SSH commands within shortcut files (LNK). cyble.com/blog/a-stealth… #SSH #LNK #Malware #Cyberattack #CRIL #ThreatIntel

CRIL analyzes the return of Hexalocker Ransomware in a new version that leverages the Skuld Stealer and other advanced capabilities. cyble.com/blog/hexalocke… #Malware #Ransomware #Infostealer #Hexalocker #Skuld #CRIL

Cyble analyzes a cyberattack specifically engineered to target German citizens via DLL Sideloading, DLL Proxying, and the use of Sliver. cyble.com/blog/sliver-im… #Cyberattack #Sliver #DLLSideloading #DLLProxying #SocialEngineering

Cyble investigates a surge in crypto phishing attacks, investment scams, and malware campaigns exploiting DeepSeek’s rising popularity. cyble.com/blog/deepseeks… #DeepSeek #Malware #CryptoAttacks #Scam #ThreatIntel #CRIL

Cyble analyzes stealthy and sophisticated malware capable of bypassing Chrome's app-bound encryption via dual injection techniques. cyble.com/blog/dual-inje… #Malware #Chrome #DualInjection #Infostealer #CRIL #ThreatIntel

Cyble analyzes BTMOB RAT, advanced Android malware actively spreading via phishing sites, leveraging Accessibility Services to steal credentials, control devices remotely, and execute various malicious activities. cyble.com/blog/btmob-rat… #BTMOB #SpySolr #Trojan #Phishing #CRIL

CRIL uncovers a stealthy campaign where threat actors use null-AMSI to disable security products to deploy AsyncRAT. cyble.com/blog/null-amsi… #Trojan #AsyncRAT #Malware #ThreatIntelligence #CRIL #AMSI

Cyble analyzes Phantom Goblin, a malware operation that leverages social engineering tactics to distribute information-stealing malware, enabling credential theft. cyble.com/blog/phantom-g… #PhantomGoblin #Malware #Infostealer #CredentialTheft #DataExfiltration #CRIL

Cyble analyzes a new malware campaign that tricks Polish job-seeking developers with fake coding challenges to steal sensitive data through a stealthy backdoor - FogDoor. cyble.com/blog/fake-codi… #FogDoor #Backdoor #DataExfiltration #Socialengineering #CRIL #ThreatIntel

Cyble analyzes TsarBot, a newly identified Android banking Trojan that employs overlay attacks to target over 750 banking, financial, and cryptocurrency applications worldwide. cyble.com/blog/tsarbot-u… #TsarBot #BFSI #Trojan #Malware #Cryptocurrency #CRIL #ThreatIntel

Cyble investigates the DOGE BIG BALLS Ransomware, analyzing its operation and the false ties made to Edward Coristine. cyble.com/blog/doge-big-… #Ransomware #DOGE #EdwardCoristine #DOGEBIGBALLS #ThreatIntel #CRIL

CRIL discovers over 20 malicious apps targeting crypto wallet users with phishing tactics and Play Store distribution under compromised developer accounts. cyble.com/blog/crypto-ph… #CryptoPhishing #SocialEngineering #Cryptotheft #CRIL #ThreatIntel

CRIL analyzes an ongoing LogoKit phishing campaign that pulls brand assets from Clearbit and Google Favicon. cyble.com/blog/logokit-b… #CredentialTheft #BrandMonitoring #Phishing #SocialEngineering #LogoKit #ThreatIntel

Cyble analyzes "Scanception", an ongoing quishing campaign using QR codes in PDFs to bypass security, harvest credentials, and evade detection systems. cyble.com/blog/scancepti… #Scanception #Quishing #CredentialTheft #ThreatIntel

RedHook is a new Android banking trojan that targets Vietnamese users via phishing sites posing as trusted financial and government institutions. cyble.com/blog/redhook-n… #Phishing #Trojan #SocialEngineering #Spyware #ThreatIntel