Threat Research

    In March 2026, Anthropic accidentally exposed the full source code of its Claude Code AI agent through a misconfigured npm package that included a large JavaScript source map file. The leak revealed hundreds of thousands of lines of unobfuscated code, exposing internal architecture, agent orchestration logic, and security-related components....
    GoBruteforcer is a Linux-based botnet that converts compromised servers into distributed scanners and password brute-force nodes targeting internet-exposed services such as phpMyAdmin, MySQL, PostgreSQL, and FTP....
    The blog explores the growing use of Scalable Vector Graphics (SVG) files in phishing and malware campaigns. SVG files, which are based on XML, can embed malicious JavaScript, making them an attack vector. The blog focuses on one technique—standalone SVG attachments—where malicious files trigger automatic browser redirects when opened, bypassing URL scanning protections....
    Detects the execution of "rundll32" with potentially obfuscated ordinal function calls....