Threat Intelligence
All posts in the Threat Intelligence category.
A0Backdoor Emerges from BlackBasta's Ashes via Teams Phishing
New A0Backdoor malware uses DNS MX records for C2 and is deployed via Microsoft Teams social engineering targeting financial and healthcare organizations.
AI-Assisted Hacker Breaches 600+ FortiGate Firewalls Across 55 Countries
A Russian-speaking threat actor used commercial AI tools to compromise over 600 FortiGate firewalls in just five weeks, per Amazon Threat Intelligence.
Warlock Gang Breached SmarterTools Through Its Own Email Server Software
China-linked ransomware group Storm-2603 compromised SmarterTools by exploiting critical SmarterMail vulnerabilities, then turned the same flaws against the vendor's customers.
Lotus Blossom Turned Notepad++ Into a Six-Month Espionage Pipeline
Chinese APT Lotus Blossom hijacked Notepad++ updates for six months to deploy the custom Chrysalis backdoor targeting telecom and government organizations.
Sandworm Strikes Poland: ICS Equipment Bricked in Power Grid Attack
Russian APT ELECTRUM breached ~30 Polish energy sites, disabling OT equipment beyond repair in the first major attack on distributed energy resources.