bug-bounty536
xss296
rce173
google145
exploit122
bragging-post121
account-takeover120
facebook117
privilege-escalation105
malware100
microsoft99
open-source96
authentication-bypass95
csrf87
cve79
stored-xss75
access-control74
web-security68
ai-agents68
writeup67
phishing63
reflected-xss63
input-validation55
ssrf55
information-disclosure53
reverse-engineering53
api-security51
sql-injection51
apple49
smart-contract49
cross-site-scripting49
defi48
privacy47
tool46
ethereum45
vulnerability-disclosure44
ai-security41
browser41
credential-theft38
web-application38
web337
dos37
burp-suite37
opinion37
llm37
automation37
remote-code-execution37
race-condition36
supply-chain36
lfi36
0
5/10
threat-intelligence
Kaspersky reports on Stan Ghouls (Bloody Wolf), a cybercriminal APT targeting Russia, Uzbekistan, and neighboring countries since 2023. The group uses spear-phishing emails with malicious PDF attachments containing Java-based loaders to deploy NetSupport RAT, with recent campaigns suggesting expansion into IoT-focused malware.
stan-ghouls
netsupport-rat
phishing
malicious-pdf
java-loader
spear-phishing
apt
remote-access-trojan
malware
initial-access
persistence
russia
uzbekistan
financial-sector
manufacturing
it-sector
infrastructure-analysis
ioc
cyberespionage
Stan Ghouls
Bloody Wolf
NetSupport RAT
STRRAT
Strigoi Master
Kaspersky
Securelist