Threat Research

    Between February and September 2025, multiple credential-harvesting campaigns were attributed to BlueDelta, a Russian state-sponsored threat group linked to the GRU. These operations expand on BlueDelta’s ongoing credential-theft activity previously documented in Insikt Group’s December 2025 report. During 2025, BlueDelta targeted a limited but distinct set of victims....
    The campaign targets the energy, oil, and gas sectors using phishing and Microsoft ClickOnce exploitation. It shows traits linked to Chinese threat actors, though attribution remains tentative. Using “living off the land” tactics, it hides malicious activity within legitimate cloud and enterprise tools....