Threat Research

    Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques

    The Agenda ransomware group (Qilin) has been observed deploying Linux-based binaries on Windows hosts using legitimate remote management and file transfer tools. This cross-platform technique evades traditional Windows-focused detections, including many EDR solutions....
    11/13/2025  0
    Read More »

    Uncovering Qilin Attack Methods Exposed Through Multiple Cases

    In the latter half of 2025, the Qilin ransomware group has continued leaking victim data at over 40 cases per month, ranking among the most active global threat actors....
    10/27/2025  0
    Read More »

    Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal

    The Agenda ransomware group, also known as Qilin, has continued to evolve since its emergence in 2022, shifting its ransomware development from Go to Rust and incorporating advanced evasion, propagation, and remote execution capabilities. In a recent campaign, the group deployed SmokeLoader alongside a newly discovered....
    5/8/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.