bug-bounty536
xss296
rce173
google145
bragging-post121
exploit121
account-takeover120
facebook117
privilege-escalation105
malware99
open-source98
microsoft97
authentication-bypass95
csrf87
cve80
access-control77
stored-xss75
web-security68
ai-agents68
writeup66
reflected-xss63
phishing62
ssrf55
input-validation55
reverse-engineering53
information-disclosure53
sql-injection51
api-security51
apple49
smart-contract49
cross-site-scripting49
defi48
privacy47
tool46
ethereum45
ai-security44
vulnerability-disclosure44
browser39
credential-theft39
web-application38
llm38
web337
burp-suite37
automation37
opinion37
remote-code-execution37
race-condition36
lfi36
supply-chain35
authentication35
0
3/10
Zscaler ThreatLabz identified a campaign by Iran-nexus threat actor Dust Specter targeting Iraqi government officials using spear-phishing impersonation of the Ministry of Foreign Affairs to deliver two previously undiscovered malware families: SPLITDROP and GHOSTFORM.
apt
iran-nexus
malware
splitdrop
ghostform
spear-phishing
targeted-attack
iraq
government-targeting
social-engineering
zero-day
threat-actor
Dust Specter
SPLITDROP
GHOSTFORM
Zscaler ThreatLabz
Iraq
Ministry of Foreign Affairs
0
5/10
threat-intelligence
Kaspersky reports on Stan Ghouls (Bloody Wolf), a cybercriminal APT targeting Russia, Uzbekistan, and neighboring countries since 2023. The group uses spear-phishing emails with malicious PDF attachments containing Java-based loaders to deploy NetSupport RAT, with recent campaigns suggesting expansion into IoT-focused malware.
stan-ghouls
netsupport-rat
phishing
malicious-pdf
java-loader
spear-phishing
apt
remote-access-trojan
malware
initial-access
persistence
russia
uzbekistan
financial-sector
manufacturing
it-sector
infrastructure-analysis
ioc
cyberespionage
Stan Ghouls
Bloody Wolf
NetSupport RAT
STRRAT
Strigoi Master
Kaspersky
Securelist