Threat Research

    Pakistan-linked threat actor APT36 (Transparent Tribe) has shifted to an AI-assisted malware development model known as “vibeware,” generating large volumes of disposable implants using niche programming languages such as Nim, Zig, and Crystal to evade traditional detection....
    In mid-2025, Transparent Tribe (APT36), a Pakistan-linked cyber espionage group, launched a phishing campaign targeting Indian government and defense organizations, focusing on Linux-based systems. The campaign used malicious .desktop files within ZIP archives to deploy a Golang-based remote access trojan (RAT) called DeskRAT....
    Our team uncovered a cyber-espionage campaign by APT36 (Transparent Tribe), targeting Indian defense personnel. In a tactical shift, the group now focuses on Linux systems, especially BOSS Linux used by Indian government agencies. Phishing emails deliver a ZIP file containing a malicious .desktop shortcut that executes on user interaction....
    APT36, or Transparent Tribe, is a Pakistan-based threat group targeting Indian defense personnel via advanced phishing campaigns. They send emails with malicious PDFs mimicking government documents, leading to fake National Informatics Centre (NIC) login pages. Clicking the fake login triggers a download of a ZIP file containing disguised malware....