Our researchers are currently analyzing multiple advanced persistent threats
and emerging attack vectors. New findings will be published as investigations conclude.
A financially motivated cybercrime collective that weaponizes social engineering
over malware. This report maps Scattered Spider's infrastructure through domain impersonation patterns,
JARM fingerprint pivoting, ASN correlation, and IOC clustering.
A single Win+R
command replaces the entire kill chain. This report dissects ClickFix tradecraft adopted by
multiple APT clusters and commodity stealer crews, mapping their infrastructure, lures, and
execution chains into reusable threat-hunting methodologies.
APTMalwareThreat HuntingClickFix
Active campaigns tracked
Multi-family JS loader & PowerShell chain
A full-stack investigation into how a single breach exposed internal wallet segregation, fiat
on-ramps, trading engine connectivity, and operational secrets inside Iran’s largest crypto exchange.
This inaugural report maps the incident across infrastructure, DFIR, and intelligence layers.
