2025 Year in Review: Malicious, Infrastructure Explore Insikt Group’s 2025 Malicious Infrastructure Report. Gain insights into Cobalt Strike, Vidar infostealers, and AI-driven threats to secure your 2026 strategy.

1/ Today we’re publishing our annual malicious infrastructure report, providing a broad view of global threat infrastructure. This year, we significantly expanded coverage across malware families, threat categories, and deeper infrastructure insights: www.recordedfuture.com/research/202...

CastleLoader in the wild! Four distinct activity clusters, sector-specific targeting of logistics, and high-end tooling like Matanbuchus and CastleRAT.

Recorded Future’s Insikt Group uncovered four GrayBravo activity clusters. TAG-160 impersonates logistics firms, while TAG-161 impersonates Booking.com, employing ClickFix to deliver CastleLoader and Matanbuchus. www.recordedfuture.com/research/gra...

‘Neutral’ internet governance enables sanctions evasion Internet service providers and hosting companies enable cybercrime and cyber operations. Why don’t sanctions stop them?

In his latest for Binding Hook, @lawrencesec.bsky.social looks at how internet service providers work within the system to evade sanctions and enable #cyberattacks and #disinformation campaigns: bindinghook.com/neutral-inte...

CastleRAT is here 🐀