Threat Research

    UNC2814 is a PRC-aligned cyber espionage group active since at least 2017. It targets telecom and government sectors to steal communications intelligence and PII. The group has operated in 42 confirmed countries and over 70 suspected across multiple regions: Africa, Asia, and the Americas....
    EvilAI disguises itself as legitimate productivity or AI tools, using professional interfaces and valid digital signatures to avoid detection. It has spread globally, with the greatest impact seen in Europe, the Americas, and the AMEA region. Targeted sectors include manufacturing, government/public services, and healthcare....
    Since June 2022, the Play ransomware group—also known as Playcrypt—has targeted numerous businesses and critical infrastructure across North America, South America, and Europe. By 2024, Play had become one of the most active ransomware operations, with around 900 victims reported as of May 2025....
    The "Invisible Obfuscation Technique Used in PAC Attack" involves encoding binary data using Hangul half-width and full-width Unicode characters, representing 0 and 1, to hide a payload in a JavaScript script....