Threat Research

    Spam Campaign Abuses Atlassian Jira, Targets Government and Corporate Entities

    A large-scale spam campaign abused Atlassian Cloud’s trusted domain to distribute multilingual phishing emails targeting government and corporate entities....
    2/18/2026  0
    Read More »

    Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft

    The team observed increased threat activity matching tactics linked to previous ShinyHunters extortion campaigns. These operations rely heavily on advanced voice phishing (vishing) techniques. Attackers use victim-branded credential harvesting sites to capture SSO credentials and MFA codes. With initial access gained, they pivot into corporate cloud environments....
    2/2/2026  0
    Read More »

    Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors

    We are tracking BRICKSTORM malware, used to maintain long-term access to U.S. organizations. Since March 2025, Team Consulting has responded to intrusions in sectors like legal, SaaS, BPOs, and tech. The targets likely support zero-day development and serve as pivot points to broader victims....
    10/9/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.