Threat Research

    DarkSword is a sophisticated iOS full-chain exploit leveraging multiple zero-day vulnerabilities to fully compromise devices running iOS 18.4 to 18.7. Since late 2025, it has been used by commercial surveillance vendors and state-sponsored actors across campaigns targeting regions including Saudi Arabia, Turkey, Malaysia, and Ukraine....
    In January 2025, Labs identified a series of Winos 4.0 attacks targeting users in Taiwan. By February, it became evident that the threat actor had transitioned to new malware families and broadened their operations....
    The Earth Kurma APT campaign targets government and telecommunications sectors in Southeast Asia, particularly in the Philippines, Vietnam, Thailand, and Malaysia. This sophisticated attack uses advanced malware, including custom rootkits and cloud storage for data exfiltration....
    The NodeStealer malware has evolved from JavaScript to Python, enhancing its ability to steal sensitive data. Our team uncovered this updated variant in a campaign targeting a Malaysian educational institution, linked to a Vietnamese group. It harvests browser data, credit card details, and Facebook Ads Manager accounts for financial information....