Can’t stop, won’t stop: TA584 innovates initial access | Proofpoint US
https://www.proofpoint.com/us/blog/threat-insight/cant-stop-wont-stop-ta584-innovates-initial-access
General Graboids: Worms and Remote Code Execution in Command & Conquer — Atredis Partners
https://www.atredis.com/blog/2026/1/26/generals
GitHub - mandiant/cleanldap
https://github.com/mandiant/cleanldap
This Website Has Been Seized
http://ramp4u.io
HoneyMyte updates CoolClient backdoor, uses new data stealing tools | Securelist
https://securelist.com/honeymyte-updates-coolclient-uses-browser-stealers-and-scripts/118664/
APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability - SecurityWeek
https://www.securityweek.com/apts-cybercriminals-widely-exploiting-winrar-vulnerability/
PureRAT: Attacker Now Using AI to Build Toolset | SECURITY.COM
https://www.security.com/threat-intelligence/ai-purerat-phishing
Over 100 Organizations Targeted in ShinyHunters Phishing Campaign - SecurityWeek
https://www.securityweek.com/over-100-organizations-targeted-in-shinyhunters-phishing-campaign/