bug-bounty536
xss296
rce173
google147
exploit122
bragging-post121
account-takeover120
facebook117
privilege-escalation105
malware101
microsoft100
open-source96
authentication-bypass95
csrf87
cve79
stored-xss75
access-control74
ai-agents68
web-security68
writeup67
phishing64
reflected-xss63
input-validation55
ssrf55
information-disclosure53
reverse-engineering53
api-security51
sql-injection51
apple50
cross-site-scripting49
smart-contract49
defi48
privacy47
tool46
ethereum45
vulnerability-disclosure44
browser41
ai-security41
dos39
web-application38
remote-code-execution37
burp-suite37
opinion37
web337
credential-theft37
llm37
automation37
supply-chain36
lfi36
race-condition36
0
5/10
threat-intelligence
Kaspersky reports on Stan Ghouls (Bloody Wolf), a cybercriminal APT targeting Russia, Uzbekistan, and neighboring countries since 2023. The group uses spear-phishing emails with malicious PDF attachments containing Java-based loaders to deploy NetSupport RAT, with recent campaigns suggesting expansion into IoT-focused malware.
stan-ghouls
netsupport-rat
phishing
malicious-pdf
java-loader
spear-phishing
apt
remote-access-trojan
malware
initial-access
persistence
russia
uzbekistan
financial-sector
manufacturing
it-sector
infrastructure-analysis
ioc
cyberespionage
Stan Ghouls
Bloody Wolf
NetSupport RAT
STRRAT
Strigoi Master
Kaspersky
Securelist