Threat Research

    The Water Saci campaign in Brazil employs a heavily layered attack chain using multiple file formats—HTA, ZIP, and PDF—to evade simple detection and complicate analysis. Recently, attackers shifted from PowerShell to a Python-based propagation routine, enabling broader browser compatibility, improved error handling, and faster automated malware delivery through WhatsApp Web....
    The ongoing Water Saci campaign reveals a new attack chain leveraging an email-based C&C infrastructure with multi-vector persistence for enhanced resilience. It employs advanced evasion techniques to avoid analysis and limit activity to specific, intended targets....