VenomRAT, first observed in 2020 as a fork of Quasar RAT, has evolved into a modular, service-based remote access trojan with advanced keylogging, stealth, and evasion capabilities. It is distributed primarily through phishing campaigns and fake antivirus websites (notably Bitdefender clones)...
Void Blizzard, a Russian state-sponsored APT attributed to the GRU and tracked as Laundry Bear by Dutch intelligence, has rapidly emerged as a major cyber espionage threat since April 2024. The group targets government, defense, telecommunications, NGOs, and critical infrastructure across NATO...
Venom Spider (TA4557) is a financially motivated cybercriminal group specializing in spear-phishing campaigns against HR professionals, primarily in the U.S., U.K., Canada, Australia, and Germany. Their attacks exploit the HR function’s need to process external attachments..
Bumblebee malware has escalated its tactics by compromising the supply chain of RVTools, a widely used VMware utility, to deliver trojanized installers containing a malicious version.dll loader. This attack, detected in May 2025, distributed malware via both official and typosquatted domains..
DragonForce has rapidly evolved into a major RaaS operation, distinguished by its sophisticated use of BYOVD techniques to bypass EDR and escalate privileges. The group’s modular ransomware builder allows affiliates to select vulnerable drivers (notably TrueSight.sys, RentDrv.sys) for process ter...