threat-intel 14

• Less panic patching, more precision May 28, 2026
• Tracking TamperedChef Clusters via Certificate and Code Reuse May 20, 2026
• From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat May 19, 2026
• Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files May 15, 2026
• Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware May 11, 2026
• The Good, the Bad and the Ugly in Cybersecurity – Week 19 May 8, 2026
• Insights into the clustering and reuse of phone numbers in scam emails May 6, 2026
• UAT-8302 and its box full of malware May 5, 2026
• That AI Extension Helping You Write Emails? It’s Reading Them First Apr 30, 2026
• The n8n n8mare: How threat actors are misusing AI workflow automation Apr 15, 2026
• State-sponsored threats: Different objectives, similar access paths Apr 15, 2026
• Edge Decay: How a Failing Perimeter Is Fueling Modern Intrusions Apr 10, 2026
• New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations Apr 9, 2026
• Scroll trīgintā sextus Apr 9, 2026