Appears on
Articles6
New Tool in the Wild: Bluekit Dashboard (Beta)
A threat advisory on Bluekit, a phishing-as-a-service platform advertised as an accessible, anonymity-focused alternative to Evilginx Pro and Tycoon2FA β 40+ templates, 2FA interception, device/geolocation spoofing, and no vetting requirements.
Supply Chain Confidence: What Every Organisation Needs to Know
A threat advisory covering TeamPCPβs multi-stage supply chain campaign through Trivy, npm, LiteLLM, Telnyx, and Axios β with 11 prioritised defensive recommendations for organisations of all sizes.
The Gentlemen Ransomware Group β Leak Analysis
A 120-minute technical intelligence whitepaper analysing the leaked Rocket.Chat corpus of The Gentlemen RaaS β 3,366 messages, 66 confirmed victims, custom G-BOT C2, Fortinet exploitation, AI-assisted operations, and a moderate-high confidence assessment of Black Basta successor lineage.
The Gentlemen Leak Analysis (Part 2) β JA456 Follow-on
Analysis of JA456, a follow-on package to the original Gentlemen Leaks that exposes operator-side artifacts β MEGA session history, a Synology NAS shadow dump, and wipe-in-progress screenshots β yielding rare attribution pivots including an early residential Izhevsk IP.
ShinyHunters: Silent Malware as a Service (MaaS)
A full malware analysis of Illusion-2.6.5-setup.exe β a deployment of Silent Stealer v2.6.5 and integrated RAT sold as a Malware-as-a-Service and distributed via Telegram under the ShinySpider alias, with an exposed operator panel that maps the complete C2 infrastructure and capability set.
Kali365 PhaaS Kit: OAuth Device-Code Phishing Enables MFA-Satisfied Token Theft
End-to-end reverse engineering of the Kali365 (K365) Microsoft 365 Phishing-as-a-Service operator client, purchased web panel, and payment infrastructure β revealing OAuth device-code phishing (RFC 8628) that satisfies MFA legitimately to steal long-lived refresh tokens.
