Threat Category: AIDR

Apr 6/2026 12 min read MuddyWater Exposed: Inside an Iranian APT operation by Adam Swan Apr 6/2026 5 min read Bitbucket API Abuse: A Simple Trick for Stealthy Data Theft by Adam Swan Apr 6/2026 10 min read EtherRAT & SYS_INFO Module: C2 on Ethereum (EtherHiding), Target Selection, CDN-Like Beacons by Adam Swan Apr 6/2026 9 min read Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise by Adam Swan Mar 31/2026 9 min read Supply Chain Attack on Axios Pulls Malicious Dependency from NPM by Adam Swan Mar 31/2026 9 min read Under CTRL: Dissecting a Previously Undocumented Russian .Net Access Framework by Adam Swan Mar 31/2026 8 min read From Phishing to Exfiltration: A Deep Dive into PXA Stealer by Adam Swan Mar 31/2026 6 min read Elastic Security Labs uncovers BRUSHWORM and BRUSHLOGGER by Adam Swan Mar 30/2026 11 min read 33K Exposed LiteLLM Deployments and the C2 Servers Behind TeamPCP’s Supply Chain Attack by Adam Swan Mar 30/2026 7 min read Abusing Legitimate Low-Level Tools to Help Ransomware Evade Antivirus Detection by Adam Swan