#cryptocti

2026-02-07

Transparent Tribe Targets Growing Startups

Attackers are deploying the “Crimson RAT” malware to infect and gain access to systems in growing startups.

Pulse ID: 69875e505a9ae8f06c97b5a1
Pulse Link: otx.alienvault.com/pulse/69875
Pulse Author: cryptocti
Created: 2026-02-07 15:46:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RAT #TransparentTribe #bot #cryptocti

2026-02-07

Spam Campaign Uses Fake PDFs to Deploy Remote Monitoring Tools

An ongoing scam uses social engineering to deploy legitimate remote monitoring and management (RMM) tools through emails.

Pulse ID: 69871939e080db4402ed2d3b
Pulse Link: otx.alienvault.com/pulse/69871
Pulse Author: cryptocti
Created: 2026-02-07 10:51:37

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Email #InfoSec #OTX #OpenThreatExchange #PDF #SocialEngineering #Spam #bot #cryptocti

2026-02-07

Odyssey Stealer Actively Targeting macOS Systems

Odyssey Stealer is an advanced macOS-focused infostealer that has recently surged in global activity. It targets Apple users through social engineering lures such as fake software updates and malicious applications.

Pulse ID: 6986f5d31bd7f0c1e67f3b1e
Pulse Link: otx.alienvault.com/pulse/6986f
Pulse Author: cryptocti
Created: 2026-02-07 08:20:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #InfoStealer #Mac #MacOS #OTX #OpenThreatExchange #SocialEngineering #bot #cryptocti

2026-02-06

Interlock Ransomware Exploits Zero-Day in Anti-Cheat Driver to Disable EDR/AV

Interlock ransomware operators have been observed using a new process-killing tool that abuses a zero-day flaw in a gaming anti-cheat kernel driver to try to shut down endpoint defenses (EDR/AV).

Pulse ID: 69855932736e6c1284218859
Pulse Link: otx.alienvault.com/pulse/69855
Pulse Author: cryptocti
Created: 2026-02-06 03:00:02

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #EDR #Endpoint #InfoSec #OTX #OpenThreatExchange #RAT #RansomWare #ZeroDay #bot #cryptocti

2026-02-03

Multi-Stage Dropbox Phishing Campaign Stealing User Credentials

Pulse ID: 69827b7da8ea1d68e09472de
Pulse Link: otx.alienvault.com/pulse/69827
Pulse Author: cryptocti
Created: 2026-02-03 22:49:33

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Dropbox #InfoSec #OTX #OpenThreatExchange #Phishing #bot #cryptocti

2026-02-03

DynoWiper Data Wiping Malware Targeting Energy Companies

DynoWiper is a destructive malware group used in an attack on a Polish energy company in December 2025. It is meant to destroy data and shut down systems, not to make money.

Pulse ID: 69823fe0f4fc9f6487e0ffe4
Pulse Link: otx.alienvault.com/pulse/69823
Pulse Author: cryptocti
Created: 2026-02-03 18:35:12

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #bot #cryptocti

2026-02-03

Microsoft Office 0-day Vulnerability Exploited By Threat Actors to Deploy Malware

APT28 is actively exploiting a newly disclosed Microsoft Office Zero-Day vulnerability. The vulnerability is tracked as CVE-2026-21509 with a CVSS score of 7.8.

Pulse ID: 6982434c590cbc365862fc61
Pulse Link: otx.alienvault.com/pulse/69824
Pulse Author: cryptocti
Created: 2026-02-03 18:49:48

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#0Day #APT28 #CyberSecurity #InfoSec #Malware #Microsoft #MicrosoftOffice #OTX #Office #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

2026-02-03

Pulsar RAT Malware with Registry-Based User Persistence

Pulsar RAT is a stealthy Windows remote access trojan that achieves persistence through registry Run keys and scheduled tasks while using in-memory PowerShell execution to evade detection.

Pulse ID: 69823da8206ba09a20151a8d
Pulse Link: otx.alienvault.com/pulse/69823
Pulse Author: cryptocti
Created: 2026-02-03 18:25:44

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #PowerShell #RAT #RemoteAccessTrojan #Trojan #Windows #bot #cryptocti

2026-02-03

MoltBot Abused in Campaign to Spread Password-Stealing Malware

A widespread malicious campaign has leveraged the rapid adoption of the open-source personal AI assistant OpenClaw (formerly MoltBot/ClawdBot) by publishing hundreds of rogue “skills” on both its official registry and GitHub.

Pulse ID: 69813f448ec4a007e84b8280
Pulse Link: otx.alienvault.com/pulse/69813
Pulse Author: cryptocti
Created: 2026-02-03 00:20:20

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #GitHub #InfoSec #Malware #OTX #OpenThreatExchange #Password #RCE #Word #bot #cryptocti

2026-02-02

Arsink RAT Attacking Android Devices to Exfiltrate Sensitive Data and Enable Remote Access

The full text of the full report on this year's EU Referendum has been released by the European Union and the United Nations (EU) in order to mark the anniversary of its creation.

Pulse ID: 6980970cc028ae6cc3a2eae4
Pulse Link: otx.alienvault.com/pulse/69809
Pulse Author: cryptocti
Created: 2026-02-02 12:22:32

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #CyberSecurity #EU #Europe #EuropeanUnion #InfoSec #OTX #OpenThreatExchange #RAT #bot #cryptocti

2026-02-02

Arsink RAT Attacking Android Devices to Exfiltrate Sensitive Data and Enable Remote Access

The full text of the full report on this year's EU Referendum has been released by the European Union and the United Nations (EU) in order to mark the anniversary of its creation.

Pulse ID: 6980970c335ff5631fab3a26
Pulse Link: otx.alienvault.com/pulse/69809
Pulse Author: cryptocti
Created: 2026-02-02 12:22:36

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #CyberSecurity #EU #Europe #EuropeanUnion #InfoSec #OTX #OpenThreatExchange #RAT #bot #cryptocti

2026-02-02

Attackers using Fake Job Offers to Deliver Malware

The full text of the full statement of human rights activist Michael Gwynne's statement on the UK government's decision to accept the EU's refugee deal, which has now been ruled out by the European Court of Human Rights.

Pulse ID: 69804aa09f73b719a1777ca7
Pulse Link: otx.alienvault.com/pulse/69804
Pulse Author: cryptocti
Created: 2026-02-02 06:56:32

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Europe #Government #InfoSec #Malware #OTX #OpenThreatExchange #UK #bot #cryptocti

2026-02-02

Hugging Face Exploited for Android RAT Campaign

An Android RAT campaign exploited the trusted Hugging Face platform to host and distribute malicious APKs, leveraging social engineering and a two-stage infection chain involving a fake security app, TrustBastion.

Pulse ID: 697ffc66cdbd1eb0580ea28b
Pulse Link: otx.alienvault.com/pulse/697ff
Pulse Author: cryptocti
Created: 2026-02-02 01:22:46

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#APK #Android #CyberSecurity #HuggingFace #InfoSec #OTX #OpenThreatExchange #RAT #Rust #SocialEngineering #bot #cryptocti

2026-02-02

RedKitten Covert Surveillance Campaign in Iran Targets Human Rights

The RedKitten campaign targets human rights groups, activists and people seeking information about protest-related abuses. It uses fake documents and emotional messages to trick victims into installing malware that allows attackers to spy on systems, steal data and maintain long-term access. The campaign relies on common online services to hide its activity and avoid detection, making it harder to track and stop.

Pulse ID: 697ff5fe2420c1aaaf495eab
Pulse Link: otx.alienvault.com/pulse/697ff
Pulse Author: cryptocti
Created: 2026-02-02 00:55:26

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Iran #Malware #OTX #OpenThreatExchange #bot #cryptocti

2026-02-02

Education-Themed Traffic Distribution System Used For Phishing And Malware

Cybersecurity analysts uncovered a sophisticated cybercrime operation abusing school-themed domains within a bulletproof TDS to deliver phishing, scams and malware, enabling persistent credential theft and financial fraud.

Pulse ID: 697ff66ef834dc4a71d2f023
Pulse Link: otx.alienvault.com/pulse/697ff
Pulse Author: cryptocti
Created: 2026-02-02 00:57:18

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberCrime #CyberSecurity #Education #FinancialFraud #InfoSec #Malware #OTX #OpenThreatExchange #Phishing #RAT #bot #cryptocti

2026-01-31

Extortion Campaign Targeting SaaS Platforms via Vishing

Pulse ID: 697e72057de3c43019cf84ab
Pulse Link: otx.alienvault.com/pulse/697e7
Pulse Author: cryptocti
Created: 2026-01-31 21:20:05

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Extortion #InfoSec #OTX #OpenThreatExchange #bot #cryptocti

2026-01-31

Trojanized VS Code Extension Deploys Multi-Stage Info Stealer

Pulse ID: 697e30833de0695f04403083
Pulse Link: otx.alienvault.com/pulse/697e3
Pulse Author: cryptocti
Created: 2026-01-31 16:40:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #OTX #OpenThreatExchange #Trojan #bot #cryptocti

2026-01-31

GhostChat Spyware Steals Sensitive Data from Android Users Through WhatsApp

GhostChat is a malicious Android spyware that poses as a dating app. It silently steals contacts, device data, photos and documents, sending them to attacker-controlled servers.

Pulse ID: 697e030ba09a108d0b61ac72
Pulse Link: otx.alienvault.com/pulse/697e0
Pulse Author: cryptocti
Created: 2026-01-31 13:26:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #CyberSecurity #InfoSec #OTX #OpenThreatExchange #SpyWare #Troll #WhatsApp #bot #cryptocti

2026-01-30

Matanbuchus Malware Modified to Avoid Antivirus Detection

Matanbuchus is a stealthy malware that helps attackers quietly enter systems, stay hidden and prepare for bigger attacks like ransomware.

Pulse ID: 697cf2fea65f0b2a3f77ea07
Pulse Link: otx.alienvault.com/pulse/697cf
Pulse Author: cryptocti
Created: 2026-01-30 18:05:50

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RansomWare #bot #cryptocti

2026-01-30

UAT-8099 Expands IIS Server Attacks with New Persistence Mechanisms

Threat actors tracked as UAT-8099 are targeting exposed Microsoft Internet Information Services servers to deploy BadIIS malware and establish persistent access to compromised environments.

Pulse ID: 697cf5657ca2446715fc56b4
Pulse Link: otx.alienvault.com/pulse/697cf
Pulse Author: cryptocti
Created: 2026-01-30 18:16:05

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Malware #Microsoft #OTX #OpenThreatExchange #SMS #bot #cryptocti
